x-kom hosting

problem z usunięciem win32: malware-gen

winbooy
utworzono
utworzono (edytowane)

Witam.
Mojej siostry komputer dwa dni temu został zainfekowany trojanem który wyglądał jak anty wirus i nazywał się " Live security platinum". Od razu po infekcji zamulił cały komputer i nie dało się nic zrobić.
W trybie awaryjnym przeskanowałem komputer programem "Malwarebytes-Antimalware". Po tym skanowaniu można już było normalnie pracować na komputerze ale, "avast home edition" co chwilę zgłasza problem tz. wyświetla się informacja o zablokowaniu niebezpiecznego programu: win32: Malware-gen ze ścieżki windows/installer... (dalej ścieżki avast w tej chmurkowej informacji nie pokazuje), proses: windows/system32/services.exe. Avast niby cały czas przenosi go do kwarantanny, lecz co jakieś 5 lub 10 minut znów ten sam komunikat.
Teraz podczas skanowania (Avastem jak i Malwarebytes-animalware) nic nie wychodzi. Dodam, że próbowałem również skanowania programem Drweb, lecz skanowanie zawiesz się po paru minutach.

system: windows vista 64bit

utworzone logi z otl, na podstawie [url="http://www.forumpc.pl/index.php?showtopic=104338"]http://www.forumpc.p...howtopic=104338[/url]
otl: [log]OTL logfile created on: 2012-06-16 18:25:44 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 51,52% Memory free
8,21 Gb Paging File | 5,92 Gb Available in Paging File | 72,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,26 Gb Total Space | 45,40 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
Drive D: | 781,25 Gb Total Space | 258,06 Gb Free Space | 33,03% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe
PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
PRC - [2012-02-29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe
PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
PRC - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe
MOD - [2012-06-14 21:25:05 | 004,190,920 | ---- | M] (Skype Technologies S.A.) -- C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll
MOD - [2012-06-14 20:57:03 | 000,120,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
MOD - [2012-06-14 16:48:15 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\defs\12061600\uiext.dll
MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012-06-07 10:13:25 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\icudt.dll
MOD - [2012-06-07 10:13:19 | 035,876,888 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\chrome.dll
MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll
MOD - [2012-06-07 09:23:18 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\d3dcompiler_43.dll
MOD - [2012-06-07 09:23:18 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\d3dx9_43.dll
MOD - [2012-06-04 05:42:00 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2012-06-04 05:41:57 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-06-04 05:41:57 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-05-30 13:53:22 | 003,977,928 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypePnr.dll
MOD - [2012-05-15 08:37:49 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-05-15 08:37:29 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-05-15 08:33:11 | 006,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-05-15 08:32:10 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
MOD - [2012-05-15 08:31:43 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-05-15 08:31:42 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-05-15 08:31:42 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iepeers.dll
MOD - [2012-05-13 14:52:15 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll
MOD - [2012-05-11 16:24:46 | 002,814,464 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ZGUI.dll
MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll
MOD - [2012-05-11 16:24:24 | 002,268,160 | ---- | M] ([url="http://mediainfo.sourceforge.net"]http://mediainfo.sourceforge.net[/url]) -- C:\Program Files (x86)\ipla\MediaInfoStatic.dll
MOD - [2012-05-11 16:23:20 | 000,907,264 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\CommonLib.dll
MOD - [2012-05-11 16:22:42 | 000,237,568 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- C:\Program Files (x86)\ipla\curllib.dll
MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll
MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll
MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012-05-05 16:21:11 | 008,778,912 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_235.ocx
MOD - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MOD - [2012-04-23 18:00:53 | 000,984,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-04-23 18:00:53 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-04-04 15:56:38 | 002,165,320 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
MOD - [2012-04-04 15:56:38 | 000,476,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
MOD - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
MOD - [2012-03-07 19:14:08 | 000,163,840 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
MOD - [2012-03-07 01:15:28 | 000,228,632 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\uiLangRes.dll
MOD - [2012-03-07 01:15:28 | 000,095,232 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\1045\Base.dll
MOD - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
MOD - [2012-03-07 01:15:15 | 004,675,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\CommonRes.dll
MOD - [2012-03-07 01:15:13 | 000,215,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2012-03-07 01:15:10 | 000,399,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswSqLt.dll
MOD - [2012-03-07 01:15:10 | 000,214,736 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2012-03-07 01:15:10 | 000,027,264 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswUtil.dll
MOD - [2012-03-07 01:15:09 | 000,217,296 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswLog.dll
MOD - [2012-03-07 01:15:08 | 000,682,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswAux.dll
MOD - [2012-03-07 01:15:07 | 000,337,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
MOD - [2012-03-07 01:15:07 | 000,184,872 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswData.dll
MOD - [2012-03-07 01:15:07 | 000,164,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
MOD - [2012-03-07 01:15:07 | 000,153,936 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTask.dll
MOD - [2012-03-07 01:15:07 | 000,098,864 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
MOD - [2012-03-07 01:15:07 | 000,050,448 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
MOD - [2012-03-07 01:15:06 | 000,406,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashBase.dll
MOD - [2012-03-07 01:15:06 | 000,061,760 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
MOD - [2012-03-07 01:15:04 | 000,140,064 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AhAScr.dll
MOD - [2012-03-07 01:15:03 | 000,345,040 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Aavm4h.dll
MOD - [2012-03-07 01:15:03 | 000,096,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll
MOD - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MOD - [2012-02-29 17:11:42 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-02-29 17:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
MOD - [2012-02-03 17:11:07 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
MOD - [2012-01-19 13:47:58 | 002,860,928 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Resource_pl.dll
MOD - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
MOD - [2012-01-19 13:26:18 | 000,065,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.dll
MOD - [2012-01-19 08:14:30 | 000,918,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll
MOD - [2012-01-17 23:44:04 | 000,561,176 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\Main_Help.dll
MOD - [2011-12-15 08:07:16 | 006,727,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
MOD - [2011-12-15 08:07:16 | 000,386,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
MOD - [2011-12-15 08:07:16 | 000,057,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
MOD - [2011-12-14 18:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-18 22:55:05 | 001,167,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-16 18:24:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2011-11-16 18:23:05 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
MOD - [2011-10-18 08:18:56 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2011-10-14 18:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2011-08-25 18:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-25 18:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2011-07-04 19:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\ggsip.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-07-04 19:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\networkdao.dll
MOD - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
MOD - [2011-06-29 10:47:14 | 001,217,024 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\ipla\LIBEAY32.dll
MOD - [2011-06-29 10:47:14 | 000,237,056 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\ipla\SSLEAY32.dll
MOD - [2011-06-17 08:06:05 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011-06-17 08:06:05 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011-06-15 18:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-05-22 19:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011-05-18 18:57:22 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011-05-18 18:57:22 | 000,044,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-04-12 18:11:05 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-04-01 12:26:40 | 001,663,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
MOD - [2011-03-10 19:03:51 | 001,136,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-03-03 17:40:05 | 000,542,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2011-03-02 17:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-17 11:00:46 | 000,327,680 | ---- | M] ([url="http://hunspell.sourceforge.net/"]http://hunspell.sourceforge.net/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\libhunspell.dll
MOD - [2011-02-17 11:00:44 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Gadu-Gadu 10\dbghelp.dll
MOD - [2011-02-17 11:00:44 | 000,319,488 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\libcurl.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\LIBEAY32.dll
MOD - [2011-02-17 10:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files (x86)\Gadu-Gadu 10\SSLEAY32.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll
MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2011-01-20 18:06:38 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2011-01-20 18:04:54 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2010-12-28 17:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-10-21 09:38:36 | 000,506,736 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWOW64\Wintab32.dll
MOD - [2010-10-21 09:38:34 | 000,650,096 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\SysWOW64\Pen_Tablet.dll
MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-08-31 17:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
MOD - [2010-07-10 00:38:00 | 009,818,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-06-18 19:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-06-11 18:15:06 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010-05-04 21:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msshsq.dll
MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-03-18 14:16:28 | 000,801,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
MOD - [2010-03-18 14:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100_clr0400.dll
MOD - [2010-03-18 14:16:28 | 000,688,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
MOD - [2009-12-04 20:28:51 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll
MOD - [2009-11-08 10:55:32 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2009-09-25 04:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009-09-04 13:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-11 21:01:41 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-06-15 16:51:38 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-04-23 14:15:39 | 000,677,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-04-11 08:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-04-11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-04-11 08:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-04-11 08:28:24 | 000,466,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2009-04-11 08:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-04-11 08:28:23 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\onex.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-04-11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SLC.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009-04-11 08:28:22 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-04-11 08:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-04-11 08:28:21 | 000,613,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MSMPEG2VDEC.DLL
MOD - [2009-04-11 08:28:21 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-04-11 08:28:20 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\milcore.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2009-04-11 08:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009-04-11 08:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-04-11 08:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2009-04-11 08:28:19 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2009-04-11 08:28:19 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-04-11 08:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\es.dll
MOD - [2009-04-11 08:28:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\eappcfg.dll
MOD - [2009-04-11 08:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-04-11 08:28:19 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-04-11 08:28:18 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2009-04-11 08:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browseui.dll
MOD - [2009-04-11 08:28:18 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioEng.dll
MOD - [2009-04-11 08:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-04-11 08:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-04-11 08:28:18 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009-04-11 08:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-04-11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
MOD - [2009-04-11 08:27:17 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Kswdmcap.ax
MOD - [2009-04-11 08:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2009-04-11 08:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-04-11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-04-11 08:26:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-04-11 08:26:43 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-04-11 08:26:43 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-04-11 08:26:43 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-03-08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2009-03-08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2009-03-08 13:31:37 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
MOD - [2009-03-08 13:31:35 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll
MOD - [2009-03-08 13:22:37 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2008-01-21 04:52:09 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008-01-21 04:52:02 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2008-01-21 04:51:15 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2008-01-21 04:51:11 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2008-01-21 04:51:11 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2008-01-21 04:51:08 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2008-01-21 04:51:05 | 000,234,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2008-01-21 04:51:03 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2008-01-21 04:51:00 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2008-01-21 04:50:54 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2008-01-21 04:50:47 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2008-01-21 04:50:36 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2008-01-21 04:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2008-01-21 04:50:31 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2008-01-21 04:50:28 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2008-01-21 04:50:27 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll
MOD - [2008-01-21 04:50:25 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2008-01-21 04:50:15 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2008-01-21 04:50:15 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2008-01-21 04:50:11 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\eappprxy.dll
MOD - [2008-01-21 04:50:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2008-01-21 04:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008-01-21 04:50:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2008-01-21 04:49:54 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksproxy.ax
MOD - [2008-01-21 04:49:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2008-01-21 04:49:44 | 000,155,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dssenh.dll
MOD - [2008-01-21 04:49:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2008-01-21 04:49:42 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hnetcfg.dll
MOD - [2008-01-21 04:49:34 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2008-01-21 04:49:30 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hhctrl.ocx
MOD - [2008-01-21 04:49:12 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2008-01-21 04:49:10 | 000,816,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dim700.dll
MOD - [2008-01-21 04:49:06 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2008-01-21 04:48:57 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2008-01-21 04:48:55 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2008-01-21 04:48:55 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2008-01-21 04:48:43 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2008-01-21 04:48:43 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2008-01-21 04:48:31 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2008-01-21 04:48:26 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\upnphost.dll
MOD - [2008-01-21 04:48:21 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2008-01-21 04:48:15 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2008-01-21 04:48:14 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2008-01-21 04:47:40 | 000,090,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
MOD - [2007-08-02 17:45:12 | 000,054,784 | ---- | M] (Sonic Focus, Inc.) -- C:\Windows\SysWOW64\SFFXComm.dll
MOD - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe
MOD - [2007-03-19 15:20:14 | 000,327,680 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtlLib.dll
MOD - [2007-03-09 14:29:44 | 000,155,648 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\IpLib.dll
MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll
MOD - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
MOD - [2006-11-02 17:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
MOD - [2006-11-02 17:02:33 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2006-11-02 11:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2006-11-02 11:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tapi32.dll
MOD - [2006-11-02 11:46:13 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shimeng.dll
MOD - [2006-11-02 11:46:13 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ssdpapi.dll
MOD - [2006-11-02 11:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2006-11-02 11:46:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\perfos.dll
MOD - [2006-11-02 11:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2006-11-02 11:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2006-11-02 11:46:05 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2006-11-02 11:46:05 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Magnification.dll
MOD - [2006-11-02 11:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2006-11-02 11:46:03 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crtdll.dll
MOD - [2006-11-02 11:46:03 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2006-11-02 11:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2006-11-02 11:46:02 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avicap32.dll
MOD - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
MOD - [2006-11-02 11:44:49 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vidcap.ax
MOD - [2006-11-02 11:42:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2006-11-02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC)
DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187)
DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207)
DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187)
DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"]http://search.live.c...ferrer:source?}[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}"]http://search.live.c...ferrer:source?}[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url]
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C}
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url]
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = [url="http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"]http://www.google.pl...age={startPage}[/url]
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions
[2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Clownfish] File not found
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} [url="http://www.mks.com.pl/skaner/SkanerOnline.cab"]http://www.mks.com.p...kanerOnline.cab[/url] (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)


MsConfig:64bit - StartUpFolder: C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]AdobeAAMUpdater-1.0[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]AdobeCS5ServiceManager[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]AdobeCS6ServiceManager[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]SoundMAXPnP[/b] - hkey= - key= - C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
MsConfig:64bit - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: [b]WinampAgent[/b] - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] WinDefend - Service
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BFE - Service
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] MPSSvc - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] WinDefend - Service
SafeBootNet:[b]64bit:[/b] WudfPf - Driver
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl
[2012-06-16 09:20:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961}
[2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia
[2012-06-15 20:04:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C}
[2012-06-15 06:55:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729}
[2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes
[2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb
[2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012-06-14 07:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B
[2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2
[2012-06-13 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2}
[2012-06-13 21:01:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F}
[2012-06-12 20:32:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA}
[2012-06-12 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C}
[2012-06-12 07:22:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7}
[2012-06-12 07:21:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1}
[2012-06-11 17:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E}
[2012-06-11 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE}
[2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni
[2012-06-10 21:59:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B}
[2012-06-10 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5}
[2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012
[2012-06-10 09:58:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782}
[2012-06-10 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50}
[2012-06-09 21:58:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740}
[2012-06-09 21:57:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3}
[2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat
[2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany
[2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg
[2012-06-08 07:33:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3}
[2012-06-08 07:33:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969}
[2012-06-07 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71}
[2012-06-07 19:32:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C}
[2012-06-06 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494}
[2012-06-06 18:34:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6}
[2012-06-06 07:35:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6}
[2012-06-05 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309}
[2012-06-05 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC}
[2012-06-04 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A}
[2012-06-04 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0}
[2012-06-04 05:46:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109}
[2012-06-04 05:45:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1}
[2012-06-03 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446}
[2012-06-03 16:05:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590}
[2012-06-02 07:38:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9}
[2012-06-02 07:38:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944}
[2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe
[2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA
[2012-06-01 18:42:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39}
[2012-06-01 18:42:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3}
[2012-05-30 19:05:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C}
[2012-05-30 19:05:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326}
[2012-05-30 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC}
[2012-05-30 07:05:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA}
[2012-05-29 19:04:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E}
[2012-05-29 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777}
[2012-05-29 07:04:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B}
[2012-05-29 07:03:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0}
[2012-05-28 17:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689}
[2012-05-28 17:28:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112}
[2012-05-27 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A}
[2012-05-27 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07}
[2012-05-27 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61}
[2012-05-27 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD}
[2012-05-25 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9}
[2012-05-25 21:22:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4}
[2012-05-24 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD}
[2012-05-24 21:55:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D}
[2012-05-23 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31}
[2012-05-23 21:37:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF}
[2012-05-23 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC}
[2012-05-23 08:32:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D}
[2012-05-22 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B}
[2012-05-22 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B}
[2012-05-22 08:30:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61}
[2012-05-22 08:30:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7}
[2012-05-21 20:29:52 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF}
[2012-05-21 20:29:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784}
[2012-05-21 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032}
[2012-05-21 08:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C}
[2012-05-20 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9}
[2012-05-20 20:28:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089}
[2012-05-20 08:12:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2}
[2012-05-20 08:12:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7}
[2012-05-19 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B}
[2012-05-19 18:01:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4}
[2012-05-18 22:28:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{47195980-942F-4C45-83B4-2B877B7F8BA5}
[2012-05-18 22:28:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5A3DCE6F-EF82-42C9-9D96-A72E53D6C420}
[2012-05-18 07:14:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C6D7CAEB-17AB-4C6D-BAAD-C95BC67A7154}
[2012-05-17 07:30:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25AFE33E-F507-40CE-94EC-31EB4E6AB5C2}
[2012-05-17 07:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C64AB374-DA7B-4215-BA0C-F6FF7689B573}
[2012-05-16 19:23:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A672EDEA-A3C2-4829-A1A9-91276AAC570B}
[2012-05-16 19:23:21 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B225FFCE-AE41-4D35-83B3-2D07533D8323}
[2012-05-16 07:23:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BFF7B9E8-38BC-4C40-8AA7-F60ADE96DE7E}
[2012-05-16 07:22:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F98C789B-0E48-4C72-9ED7-66F9834645F1}
[2012-05-15 19:22:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C91E88B-6005-4B6C-9363-1B647A6E9BE7}
[2012-05-15 19:22:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2071076B-5182-4105-8086-52D81A88E69A}
[2012-05-15 07:21:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4783D42A-7F8D-45D2-8AD4-217DD6702D7F}
[2012-05-15 07:21:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{41F692BC-DEF4-429E-99DB-3F69924B09CA}
[2012-05-14 21:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2012-05-14 21:43:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2012-05-14 21:43:06 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\SelfMV
[2012-05-14 19:19:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ADC3B9-AB90-4DCC-BFBB-0D7443EE38D1}
[2012-05-14 19:19:39 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7893E44A-63D1-46BD-B194-6DF422DBEF2F}
[2012-05-14 06:18:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2F390EE-3997-428F-A421-893C294654B5}
[2012-05-14 06:18:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{350A2D22-A75E-49B4-B0ED-D6AF8B9FB510}
[2012-05-13 18:04:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Temp
[2012-05-13 14:51:47 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Samsung
[2012-05-13 14:51:42 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\samsung
[2012-05-13 14:51:15 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudserd.sys
[2012-05-13 14:51:15 | 000,203,320 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012-05-13 14:51:15 | 000,099,384 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2012-05-13 14:48:28 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2012-05-13 14:47:51 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2012-05-13 14:47:51 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\SysWow64\drivers\dgderdrv.sys
[2012-05-13 14:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2012-05-13 14:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012-05-13 12:40:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EA5F337A-40AC-4FDC-8EC8-9261F88AA002}
[2012-05-13 12:40:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{41067B56-F2AC-4A1B-8875-45B2F2B33A5A}
[2012-05-12 23:49:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5B072225-2B2D-439E-B7A4-82D4BDF16981}
[2012-05-12 23:49:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{829DFE31-7DDF-4FBF-A372-242A8529C83C}
[2012-05-12 11:49:21 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98023137-88EE-4E97-A243-A75CA1FE5579}
[2012-05-12 11:49:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3303A99-EDAF-4C6A-9D25-4413D2380981}
[2012-05-11 22:08:47 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{60FFA8FE-E8A6-4B5A-BB33-7F15AE7BDDFC}
[2012-05-11 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F4964892-0A5C-44F2-8A16-7194F5059F1B}
[2012-05-10 20:48:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{733DC379-9D5A-4204-871A-6C50BB07038C}
[2012-05-10 20:48:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7975F704-8DBF-4D71-8EDC-40760119964D}
[2012-05-10 06:52:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{211F2F4A-0C2D-4EEE-A92C-FDC49E95D3D1}
[2012-05-10 06:52:43 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27D764C3-0095-49B3-80AD-8A77365AEBA8}
[2012-05-09 18:52:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9D14EDEF-654D-43C6-8966-75592BF99D47}
[2012-05-09 18:52:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D69A488-1CB9-4E2F-B90F-A963E8717358}
[2012-05-08 23:32:47 | 000,000,000 | ---D | C] -- C:\Download
[2012-05-08 23:32:33 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\My Videos
[2012-05-08 23:32:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Samsung
[2012-05-08 23:32:31 | 000,000,000 | ---D | C] -- C:\AllShare
[2012-05-08 23:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012-05-08 23:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012-05-08 23:12:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Downloaded Installations
[2012-05-08 21:33:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{827853F4-1D18-4F84-A21E-A495738D49BB}
[2012-05-08 21:33:32 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B4A04DC1-25A6-4C9E-9FAA-D65BD684677D}
[2012-05-08 07:13:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F92E5DF2-8432-4A41-8858-6D53F949C2E8}
[2012-05-08 07:13:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6F197C5-8A17-452A-8647-E59CBF61975A}
[2012-05-07 17:05:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2C9C64A6-8956-4AA5-B664-60AEAD4488C1}
[2012-05-07 17:04:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{AF45B0CE-B86A-4D96-9C66-5E5C5FC651A5}
[2012-05-06 22:36:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7F9E8483-6AD2-47CF-9D17-39600910DB74}
[2012-05-06 22:36:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27F49C0D-38D8-4972-8F08-1930CF0C1E3C}
[2012-05-06 10:36:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7ABBC2AA-BA91-44E3-90B7-7DF0FD3EA9C9}
[2012-05-06 10:36:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BEF6BE91-BC74-4AE5-A19E-4CFCAF6A11BB}
[2012-05-05 11:45:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C0CDA4C6-ACF8-4A92-987D-FEED3EC00C32}
[2012-05-05 11:45:28 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69AC5A75-E1BA-42B7-8E5E-B4D3C36C9CD6}
[2012-05-04 23:10:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96AD2391-AA25-4413-B065-961D8C9A273D}
[2012-05-04 23:10:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FDA56231-B918-4C13-9FC0-A863F9AC1A70}
[2012-05-04 08:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7136449B-1004-471D-B160-8A09E9600C7D}
[2012-05-04 08:13:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D2D30E61-D99B-49DC-87A0-ABFB69E99C17}
[2012-05-03 19:14:02 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25965452-EAE6-4DB2-934A-36A3BD618B33}
[2012-05-03 19:13:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1F2BC59E-17D6-4E30-8501-FB92460BC6EE}
[2012-05-03 01:07:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{031298E9-A622-4894-9DAA-803868174CC4}
[2012-05-03 01:06:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0AAE535F-2F5F-4E61-9402-61629BA1293E}
[2012-05-02 10:56:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F547848D-E476-4A10-8B58-89D366398883}
[2012-05-02 10:55:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B7049F98-4706-4A73-9910-5D124D689767}
[2012-05-01 22:19:02 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BBA221BF-FD17-401C-9477-C053F5E10E87}
[2012-05-01 22:18:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F35E146C-5C1F-48E5-8106-676BACEAC83A}
[2012-05-01 10:18:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9AA26027-DA6C-4FB1-BD26-72CDA47F0552}
[2012-05-01 10:18:13 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9F470F64-6B63-4E29-8E46-DCA535D8E6B5}
[2012-04-30 22:17:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4DFB4711-FF90-4CA7-BF48-B95325F88E7B}
[2012-04-30 22:17:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DF0FB16-86B4-44E3-BC5B-5D81886E9CE0}
[2012-04-30 10:17:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0A936CA9-741B-4D9C-96DF-E4F95B7618AA}
[2012-04-30 10:17:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{098463D5-4F91-493B-9F00-488AE349DCEB}
[2012-04-29 22:16:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D0C07662-2F51-41D2-A769-2AF57F26C76D}
[2012-04-29 22:16:29 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{250A1715-3202-4712-BB22-237DE0B03BCF}
[2012-04-29 10:16:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{85DA1D67-01A0-4DA7-A8FC-77B1E51D6F55}
[2012-04-29 10:15:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BE0028B4-137E-4816-B2D4-2922288ECF22}
[2012-04-28 21:02:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DB7D8BA7-4C36-478C-B733-644D82E9BD0A}
[2012-04-28 21:02:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{81D4DBA2-679F-4A9A-B144-24D05651BB72}
[2012-04-28 09:02:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{83979BAE-99C3-4411-90B4-DFBFE175A296}
[2012-04-28 09:02:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C63A6F6F-BB69-424F-8BEC-B272B52CDBB0}
[2012-04-27 21:01:36 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1C8C6E0D-106F-4691-BFBE-FED3EBC2AB0E}
[2012-04-27 21:01:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C76289E-40C8-45B4-9BC3-AA04792695FE}
[2012-04-27 06:43:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{19F2D99C-C09E-4EE0-A31A-F6EAC9878CFC}
[2012-04-27 06:42:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E8AFC782-343F-4F0F-8017-EE83A0B17631}
[2012-04-26 22:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-04-26 22:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-04-26 16:51:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{77DFD756-A1B7-4C8E-8367-CAC0BBDFB710}
[2012-04-26 16:51:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{74DFCAE0-AC12-4286-A857-55DBB35FACA6}
[2012-04-26 07:05:47 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{94296090-E685-491B-9C2A-FB7444BEFBDA}
[2012-04-25 18:46:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B392D394-5874-41C6-9963-42DEB9498FEE}
[2012-04-25 18:46:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{78011D40-4348-417B-92D4-F3A6F341BFA4}
[2012-04-25 06:45:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{223303DA-FB84-4FA7-9B71-F4A430682E47}
[2012-04-25 06:45:39 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{8D6E948B-439F-4D84-9166-0DE205F81D5F}
[2012-04-24 18:45:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C3AF48B1-13E4-4FF7-859C-5EB5FF915D95}
[2012-04-24 18:45:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{90CEC225-8617-4033-915E-F7581589E141}
[2012-04-24 06:44:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EFAD63F7-5B71-4520-B719-52C0663F3B12}
[2012-04-24 06:44:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C4DF2B45-16B1-44D7-A1E1-3C9E7B582FD9}
[2012-04-23 17:02:21 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E12BF02E-536C-49CD-962B-888F1E08DE87}
[2012-04-23 17:02:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DC01F7E3-FFAF-4F7F-A851-7315B8F806B6}
[2012-04-22 22:14:29 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\klupś cennik
[2012-04-22 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD85F0FB-1A15-4A3B-BD62-CEF315F2E572}
[2012-04-22 22:08:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2500BFB2-875D-4041-A0C4-80CE3EC4B4A2}
[2012-04-22 09:34:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E53CEFAF-2DCD-4775-9CBC-12EABAB853B8}
[2012-04-22 09:34:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{91FEFEEA-9D77-4FD0-B530-F52545373E62}
[2012-04-21 21:33:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0A4DCC67-901D-40A4-9AA2-5EC06D0E08D0}
[2012-04-21 21:33:30 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{40B96F02-9A22-4F5D-8DF7-DE51BA2D8ACE}
[2012-04-21 19:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-04-21 19:55:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-04-21 09:33:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5D5BCAB8-DD4E-49BD-8B53-A26F3AB1C602}
[2012-04-21 09:32:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F7DFD4FD-F937-4B1E-8230-36900D4CF32D}
[2012-04-20 21:32:29 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5511A564-11B5-408C-B054-5E7A026D0212}
[2012-04-20 21:32:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9ADDFF17-3C5B-4131-BEB9-28BCB61C554F}
[2012-04-20 20:33:13 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD0C0788-B02D-43AC-8940-FC6F1BE6897D}
[2012-04-20 20:06:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6EAB149B-A81C-4F9D-A54E-594CDC16C3B8}
[2012-04-20 06:56:28 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{170F7A8C-C359-4BD9-8E7C-4F6CAB8C01D2}
[2012-04-20 06:56:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5B14DEC7-8F73-43C6-8678-015B13F9143D}
[2012-04-19 20:48:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4B54DDFB-A71C-42A7-AC03-C5B9BB723BB7}
[2012-04-19 08:13:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E2025A3D-C587-41EE-8DBF-EB3246D755F5}
[2012-04-19 08:13:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{77EA6E16-DA4E-479E-9EC9-2C46D7CDD85F}
[2012-04-18 20:13:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E8775926-4568-4AEA-A550-BAE50508F191}
[2012-04-18 20:12:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7BD9F8E1-C1C0-4E86-91D3-076E3AB7B6DB}
[2012-04-18 08:12:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CC91A330-A68E-43F6-AF3F-ACEE40F4E35D}
[2012-04-18 08:11:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{687EC378-FB19-4376-B782-3D46F9D4FC3B}
[2012-04-17 20:11:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6157FDC-DD0C-4451-B018-BA49B053B630}
[2012-04-17 20:11:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E73A2B59-9EA1-4EB0-9802-97130FBDE377}
[2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll
[2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll
[2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-06-16 18:32:11 | 003,145,728 | -HS- | M] () -- C:\Users\PC\NTUSER.DAT
[2012-06-16 18:21:15 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-16 18:13:25 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-16 18:13:25 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-16 18:13:25 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-16 18:13:25 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-16 18:13:25 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-16 18:07:39 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012-06-16 18:07:39 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012-06-16 18:07:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-16 18:07:17 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-16 18:07:14 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-16 18:07:14 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2012-06-16 18:07:12 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-06-16 18:07:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-16 18:07:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012-06-16 13:22:31 | 000,524,288 | -HS- | M] () -- C:\Users\PC\NTUSER.DAT{dffff4ff-eabb-11e0-aa0b-001fc60130cb}.TMContainer00000000000000000001.regtrans-ms
[2012-06-16 13:22:31 | 000,065,536 | -HS- | M] () -- C:\Users\PC\NTUSER.DAT{dffff4ff-eabb-11e0-aa0b-001fc60130cb}.TM.blf
[2012-06-16 13:22:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-06-16 13:07:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012-06-16 01:54:47 | 001,869,772 | -H-- | M] () -- C:\Users\PC\AppData\Local\IconCache.db
[2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-15 07:45:49 | 000,138,936 | ---- | M] () -- C:\Users\PC\Desktop\komunikat avast 15062012.jpg
[2012-06-14 21:56:50 | 000,145,488 | ---- | M] () -- C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat
[2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb
[2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf
[2012-05-19 18:11:31 | 031,905,004 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav
[2012-05-19 18:11:22 | 030,293,864 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav
[2012-05-19 18:11:13 | 030,164,498 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav
[2012-05-19 18:11:04 | 028,071,220 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav
[2012-05-19 18:10:55 | 034,503,940 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav
[2012-05-19 18:10:45 | 024,630,268 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav
[2012-05-19 18:10:37 | 029,176,696 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav
[2012-05-19 18:10:28 | 030,352,674 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav
[2012-05-19 18:10:18 | 029,858,750 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav
[2012-05-19 18:10:07 | 025,436,984 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav
[2012-05-19 18:09:58 | 025,150,056 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav
[2012-05-19 18:09:49 | 029,028,496 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav
[2012-05-19 18:09:38 | 033,017,480 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav
[2012-05-19 18:09:26 | 031,780,338 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav
[2012-05-19 18:09:13 | 028,188,830 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav
[2012-05-19 18:09:01 | 030,477,322 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav
[2012-05-19 18:08:47 | 030,305,640 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav
[2012-05-19 18:08:33 | 031,380,502 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav
[2012-05-19 18:08:18 | 033,135,086 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav
[2012-05-19 18:08:00 | 033,497,290 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav
[2012-05-17 20:24:14 | 146,462,955 | ---- | M] () -- C:\Users\PC\Desktop\Radek Jochim17052012A.mp3
[2012-05-17 17:07:26 | 048,822,796 | ---- | M] () -- C:\Users\PC\Desktop\Radek Jochim 17.05.2012.mp3
[2012-05-13 14:51:40 | 000,001,788 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012-05-08 23:32:45 | 000,001,860 | ---- | M] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2012-05-03 00:54:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012-04-24 22:55:02 | 006,040,819 | ---- | M] () -- C:\Users\PC\Desktop\ProcuctBrochure_Pl.pdf
[2012-04-24 22:53:34 | 000,318,163 | ---- | M] () -- C:\Users\PC\Desktop\Cennikdetaliczny2012_04wersjadrugawww.pdf
[2012-04-24 22:52:53 | 000,151,363 | ---- | M] () -- C:\Users\PC\Desktop\Cennik_hurtowy_2012_04www.pdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-16 13:22:07 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\U\00000001.@
[2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-15 07:45:44 | 000,138,936 | ---- | C] () -- C:\Users\PC\Desktop\komunikat avast 15062012.jpg
[2012-06-14 21:50:24 | 001,869,772 | -H-- | C] () -- C:\Users\PC\AppData\Local\IconCache.db
[2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf
[2012-05-19 18:11:22 | 031,905,004 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav
[2012-05-19 18:11:13 | 030,293,864 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav
[2012-05-19 18:11:04 | 030,164,498 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav
[2012-05-19 18:10:55 | 028,071,220 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav
[2012-05-19 18:10:45 | 034,503,940 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav
[2012-05-19 18:10:37 | 024,630,268 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav
[2012-05-19 18:10:28 | 029,176,696 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav
[2012-05-19 18:10:18 | 030,352,674 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav
[2012-05-19 18:10:07 | 029,858,750 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav
[2012-05-19 18:09:58 | 025,436,984 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav
[2012-05-19 18:09:49 | 025,150,056 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav
[2012-05-19 18:09:38 | 029,028,496 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav
[2012-05-19 18:09:26 | 033,017,480 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav
[2012-05-19 18:09:13 | 031,780,338 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav
[2012-05-19 18:09:01 | 028,188,830 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav
[2012-05-19 18:08:47 | 030,477,322 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav
[2012-05-19 18:08:33 | 030,305,640 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav
[2012-05-19 18:08:18 | 031,380,502 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav
[2012-05-19 18:08:00 | 033,135,086 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav
[2012-05-19 18:07:40 | 033,497,290 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav
[2012-05-17 20:18:39 | 146,462,955 | ---- | C] () -- C:\Users\PC\Desktop\Radek Jochim17052012A.mp3
[2012-05-17 20:07:15 | 048,822,796 | ---- | C] () -- C:\Users\PC\Desktop\Radek Jochim 17.05.2012.mp3
[2012-05-13 14:51:40 | 000,001,788 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012-05-08 23:32:45 | 000,001,860 | ---- | C] () -- C:\Users\Public\Desktop\Samsung AllShare.lnk
[2012-05-03 00:54:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012-04-24 22:55:02 | 006,040,819 | ---- | C] () -- C:\Users\PC\Desktop\ProcuctBrochure_Pl.pdf
[2012-04-24 22:53:34 | 000,318,163 | ---- | C] () -- C:\Users\PC\Desktop\Cennikdetaliczny2012_04wersjadrugawww.pdf
[2012-04-24 22:52:53 | 000,151,363 | ---- | C] () -- C:\Users\PC\Desktop\Cennik_hurtowy_2012_04www.pdf
[2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@
[2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\@
[2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys
[2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010-08-16 16:34:52 | 000,145,488 | ---- | C] () -- C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib
[2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla
[2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10
[2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG
[2012-06-16 18:07:33 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla
[2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView
[2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech
[2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM
[2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org
[2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM
[2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung
[2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp
[2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall
[2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer
[2012-06-16 18:07:14 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job
[2012-06-16 13:22:09 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010-08-16 17:24:00 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011-04-03 15:11:07 | 000,001,564 | ---- | M] () -- C:\index.htm
[2012-05-27 09:48:50 | 000,037,670 | ---- | M] () -- C:\mksbasel.cpp.log
[2011-09-08 20:34:16 | 000,921,632 | ---- | M] () -- C:\PA207.DAT
[2012-06-16 18:07:07 | 312,668,159 | -HS- | M] () -- C:\pagefile.sys
[2012-03-11 18:08:14 | 000,109,056 | ---- | M] () -- C:\ulotka_calosc.doc
[2011-08-11 23:16:56 | 000,031,232 | ---- | M] () -- C:\UMOWA AGENCYJNO akwizycyjna.doc
[2011-08-13 09:12:35 | 000,030,720 | ---- | M] () -- C:\UMOWA HANDLOWA AMK ROMAR.doc
[2012-02-08 15:17:12 | 000,000,162 | -H-- | M] () -- C:\~$aczego warto stosować preparaty na bazie aloesu.dot

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2008-01-21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-21 04:46:54 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2008-01-21 04:50:38 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys
[2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2012-04-04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009-04-11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009-04-11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008-01-21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV

< End of report >

[/log]

Extras [log]OTL Extras logfile created on: 2012-06-16 18:25:44 - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 51,52% Memory free
8,21 Gb Paging File | 5,92 Gb Available in Paging File | 72,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,26 Gb Total Space | 45,40 Gb Free Space | 30,21% Space Free | Partition Type: NTFS
Drive D: | 781,25 Gb Total Space | 258,06 Gb Free Space | 33,03% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 63 A2 6C 66 0C 48 CB 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3427946872-3053539125-2350841564-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW® Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications ® Core - English
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BE686891-3C56-4714-AFEF-341A7867BA80}" = ASUS WiFi-AP Solo
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW® Graphics Suite X4 - Windows Shell Extension
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications ® Core
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1" = NexusFile (5.3.1.5460)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.0
"flashFONT" = flashFONT
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"ipla" = ipla 2.3.5
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400
"Mechanical Clock 3D Screensaver_is1" = Mechanical Clock 3D Screensaver 1.0
"Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"QuicktimeAlt_is1" = QuickTime Alternative 3.1.1
"RealAlt_is1" = Real Alternative 2.0.2
"SkanerOnline" = Skaner on-line mks_vir
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"WinLiveSuite" = Podstawowe programy Windows Live

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-02-08 02:55:54 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 2012-02-08 05:26:24 | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

Error - 2012-02-08 05:55:15 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 16b4 Godzina rozpoczęcia: 01cce6468e63c29e
Godzina
zakończenia: 12

Error - 2012-02-08 06:00:10 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 14c8 Godzina rozpoczęcia: 01cce647c336991e
Godzina
zakończenia: 11

Error - 2012-02-08 06:05:22 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 1798 Godzina rozpoczęcia: 01cce6487ac5909e
Godzina
zakończenia: 15

Error - 2012-02-08 09:15:17 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE w wersji 0.0.0.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 1e68 Godzina rozpoczęcia: 01cce6638867e7fe
Godzina
zakończenia: 15

Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk(1).exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error - 2012-02-08 09:39:01 | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

Error - 2012-02-08 09:46:47 | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 2011-02-16 16:35:21 | Computer Name = PC-PC | Source = Media Center Guide | ID = 0
Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Nazwa obiektu: Media Center
Guide

[ System Events ]
Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-06-16 06:40:41 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-06-16 12:08:51 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-06-16 12:08:57 | Computer Name = PC-PC | Source = Dhcp | ID = 1001
Description = Komputerowi nie został przypisany adres z sieci (przez serwer DHCP)
dla karty sieciowej o adresie 0015AF51B859. Wystąpił następujący błąd: %%1223.
Komputer będzie dalej próbował sam uzyskać adres z serwera adresów sieciowych (DHCP).


< End of report >

[/log]

Oraz logi z rsit:
info: [log]info.txt logfile of random's system information tool 1.09 2012-06-16 22:13:14

======Uninstall list======

-->MsiExec /X{8A809006-C25A-4A3A-9DAB-94659BCDB107}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x9
7-Zip 4.65-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Photoshop CS6-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}"
Adobe Reader 9.3 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A93000000001}
ASUS WiFi-AP Solo-->C:\Program Files (x86)\InstallShield Installation Information\{BE686891-3C56-4714-AFEF-341A7867BA80}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0015 -removeonly
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
CameraHelperMsi-->MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
Clownfish for Skype-->"C:\Program Files (x86)\Clownfish\uninstall.exe"
CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
CorelDRAW Graphics Suite X4 - Lang PL-->MsiExec.exe /I{6834B8AE-D23B-4B26-A919-6515844CF2BA}
CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
CorelDRAW(R) Graphics Suite X4-->c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
erLT-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
ESET Online Scanner v3-->C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
FileZilla Client 3.5.0-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
flashFONT-->C:\Program Files\flashFONT\Odinstaluj.exe
Gadu-Gadu 10-->C:\Program Files (x86)\Gadu-Gadu 10\Uninstall.exe
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Host OpenAL (ADI)-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x9 /remove
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B6E073B9-F238-379A-AA45-D323CD308DAE} /parameterfolder Client
ipla 2.3.5-->C:\Program Files (x86)\ipla\uninst.exe
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
K-Lite Codec Pack 6.2.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Logitech Webcam Software-->"C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=PLK /guid="{D40EB009-0499-459c-A8AF-C9C110766215}"
LWS Facebook-->MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
LWS Gallery-->MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
LWS Help_main-->MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
LWS Launcher-->MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
LWS Motion Detection-->MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
LWS Pictures And Video-->MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
LWS Twitter-->MsiExec.exe /I{174A3B31-4C43-43DD-866F-73C9DB887B48}
LWS Video Mask Maker-->MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441}
LWS Webcam Software-->MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
LWS WLM Plugin-->MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
LWS YouTube Plugin-->MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
Malwarebytes Anti-Malware wersja 1.61.0.1400-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Mechanical Clock 3D Screensaver 1.0-->"C:\Program Files (x86)\Mechanical Clock 3D Screensaver\unins000.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox 12.0 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
NexusFile (5.3.1.5460)-->"C:\Program Files (x86)\NexusFile\unins000.exe"
NVIDIA PhysX-->MsiExec.exe /X{8A809006-C25A-4A3A-9DAB-94659BCDB107}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
OpenOffice.org 3.2-->MsiExec.exe /I{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDF Settings CS6-->MsiExec.exe /I{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
QuickTime Alternative 3.1.1-->"C:\Program Files (x86)\QuickTime Alternative\unins000.exe"
Real Alternative 2.0.2-->"C:\Program Files (x86)\Real Alternative\unins000.exe"
Samsung AllShare-->"C:\Program Files (x86)\InstallShield Installation Information\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}\setup.exe" -runfromtemp -l0x0415 -removeonly
Samsung AllShare-->MsiExec.exe /I{DF47ACA3-7C78-4C08-8007-AC682563C9F1}
Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {480E8A87-3B8C-3ECE-8CEA-6B2349AE1C1F} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {897A5D64-963A-3C11-A176-F6766BD09D16} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
Skaner on-line mks_vir-->C:\Windows\system32\SkanerOnlineUninstall.exe
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
SoundMAX-->C:\Program Files (x86)\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0015 -removeonly
TeamViewer 6-->C:\Program Files (x86)\TeamViewer\Version6\uninstall.exe
TeamViewer 7-->C:\Program Files (x86)\TeamViewer\Version7\uninstall.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
WebTablet IE Plugin-->"C:\Program Files (x86)\TabletPlugins\ieUninstall.exe" /S
WebTablet Netscape Plugin-->"C:\Program Files (x86)\TabletPlugins\npUninstall.exe" /S
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC-PC
Event Code: 7036
Message: Usługa Klient DNS weszła w stan uruchomienia.
Record Number: 238314
Source Name: Service Control Manager
Time Written: 20120210095435.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 7036
Message: Usługa Izolacja klucza CNG weszła w stan uruchomienia.
Record Number: 238313
Source Name: Service Control Manager
Time Written: 20120210095435.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 7036
Message: Usługa Usługa interfejsu magazynu sieciowego weszła w stan uruchomienia.
Record Number: 238312
Source Name: Service Control Manager
Time Written: 20120210095435.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 7036
Message: Usługa Pomoc TCP/IP NetBIOS weszła w stan uruchomienia.
Record Number: 238311
Source Name: Service Control Manager
Time Written: 20120210095435.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 7036
Message: Usługa Wacom Consumer Touch Service weszła w stan uruchomienia.
Record Number: 238310
Source Name: Service Control Manager
Time Written: 20120210095435.000000-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: PC-PC
Event Code: 1033
Message: Te zasady są wykluczane, ponieważ są zdefiniowane tylko z atrybutem pozwalającym wyłącznie na zastępowanie.
Nazwy=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w)
Identyfikator aplikacji=55c92734-d682-4d71-983e-d6ec3f16059f
Identyfikator SKU=f3acdd3c-119a-4932-a3d7-0b6f33a1dca9
Record Number: 14406
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20110127073839.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 14405
Source Name: Microsoft-Windows-WMI
Time Written: 20110127073839.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 102
Message: Windows (2820) Windows: Aparat bazy danych (6.00.6002.0000) uruchomił nowe wystąpienie (0).
Record Number: 14404
Source Name: ESENT
Time Written: 20110127073839.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 14403
Source Name: Microsoft-Windows-WMI
Time Written: 20110127073839.000000-000
Event Type: Informacje
User:

Computer Name: PC-PC
Event Code: 6000
Message: Subskrybent powiadomień usługi winlogon <SessionEnv> był niedostępny i nie mógł obsłużyć zdarzenia powiadamiania.
Record Number: 14402
Source Name: Microsoft-Windows-Winlogon
Time Written: 20110127073837.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: PC-PC
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 74008
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115204530.049751-000
Event Type: Sukces inspekcji
User:

Computer Name: PC-PC
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: PC-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x250
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 74007
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115204530.049751-000
Event Type: Sukces inspekcji
User:

Computer Name: PC-PC
Event Code: 4648
Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: PC-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Konto, którego poświadczenia zostały użyte:
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Serwer docelowy:
Nazwa serwera docelowego: localhost
Informacje dodatkowe: localhost

Informacje o procesie:
Identyfikator procesu: 0x250
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Adres sieciowy: -
Port: -

To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS.
Record Number: 74006
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115204530.049751-000
Event Type: Sukces inspekcji
User:

Computer Name: PC-PC
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-3427946872-3053539125-2350841564-1000
Nazwa konta: PC
Domena konta: PC-PC
Identyfikator logowania: 0x243f2

Uprawnienia: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 74005
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115204529.629751-000
Event Type: Sukces inspekcji
User:

Computer Name: PC-PC
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: PC-PC$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 2

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-21-3427946872-3053539125-2350841564-1000
Nazwa konta: PC
Domena konta: PC-PC
Identyfikator logowania: 0x243f2
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x2b4
Nazwa procesu: C:\Windows\System32\winlogon.exe

Informacje o sieci:
Nazwa stacji roboczej: PC-PC
Adres źródłowy sieci: 127.0.0.1
Port źródłowy: 0

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: User32
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 74004
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120115204529.629751-000
Event Type: Sukces inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\QuickTime Alternative\QTSystem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
"DFSTRACINGON"=FALSE
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

[/log]

i log [log]Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2012-06-16 22:13:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 46 GB (30%) free of 154 GB
Total RAM: 4094 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RtlVistaStart.job

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\hqap91pz.default

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.257 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\hqap91pz.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnik logowania za pomocą identyfikatora Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-05-30 4014280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-08-02 53248]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"AllShareAgent"=C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-04-27 3521424]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"Gadu-Gadu 10"=C:\Program Files (x86)\Gadu-Gadu 10\gg.exe [2011-07-04 13374048]
"Clownfish"= []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]
"KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2012-04-27 955280]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-13 21416]
"AdobeBridge"= []
"IPLA!"=C:\Program Files (x86)\ipla\ipla.exe [2012-05-11 19858432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ASUS WiFi-AP Solo.lnk - C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-06-16 22:13:12 ----D---- C:\rsit
2012-06-16 22:13:12 ----D---- C:\Program Files (x86)\trend micro
2012-06-14 21:36:23 ----D---- C:\Windows\pss
2012-06-14 20:46:41 ----A---- C:\Windows\avastSS.scr
2012-06-14 20:46:40 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2012-06-14 20:46:09 ----D---- C:\ProgramData\AVAST Software
2012-06-14 20:17:07 ----SHD---- C:\Config.Msi
2012-06-14 18:47:01 ----D---- C:\Users\PC\AppData\Roaming\Malwarebytes
2012-06-14 18:46:56 ----D---- C:\ProgramData\Malwarebytes
2012-06-14 18:46:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-14 07:17:52 ----D---- C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B
2012-06-12 20:33:13 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-06-12 20:33:13 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-06-12 20:33:13 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-06-12 20:33:11 ----A---- C:\Windows\SysWOW64\url.dll
2012-06-12 20:33:11 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-06-12 20:33:11 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-06-12 20:33:10 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-06-12 20:33:09 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-06-12 20:33:08 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-06-12 20:33:07 ----A---- C:\Windows\SysWOW64\mstime.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\occache.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\licmgr10.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iesetup.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iernonce.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iepeers.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2012-06-12 20:33:06 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
2012-06-12 20:33:00 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2012-06-12 20:33:00 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2012-06-12 20:33:00 ----A---- C:\Windows\SysWOW64\crypt32.dll
2012-06-04 05:41:41 ----A---- C:\Windows\dd_vcredistUI5878.txt
2012-06-04 05:41:41 ----A---- C:\Windows\dd_vcredistMSI5878.txt
2012-06-01 19:42:20 ----D---- C:\Users\PC\AppData\Roaming\NVIDIA

======List of files/folders modified in the last 1 month======

2012-06-16 22:13:12 ----RD---- C:\Program Files (x86)
2012-06-16 22:11:48 ----D---- C:\Windows\Prefetch
2012-06-16 22:09:32 ----D---- C:\Users\PC\AppData\Roaming\Skype
2012-06-16 22:01:46 ----D---- C:\Windows\Temp
2012-06-16 22:01:25 ----D---- C:\Windows\System32
2012-06-16 21:52:53 ----D---- C:\Windows\inf
2012-06-16 21:48:04 ----D---- C:\Users\PC\AppData\Roaming\ipla
2012-06-16 21:46:46 ----D---- C:\ProgramData\NVIDIA
2012-06-16 11:01:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-06-16 08:18:07 ----SHD---- C:\System Volume Information
2012-06-15 20:11:40 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2012-06-15 19:50:18 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-14 21:36:23 ----D---- C:\Windows
2012-06-14 21:14:38 ----RD---- C:\Program Files
2012-06-14 20:47:33 ----D---- C:\Windows\SysWOW64
2012-06-14 20:47:11 ----SHD---- C:\Windows\Installer
2012-06-14 20:46:09 ----HD---- C:\ProgramData
2012-06-14 20:17:09 ----D---- C:\ProgramData\Skype
2012-06-14 18:50:04 ----A---- C:\Windows\ntbtlog.txt
2012-06-13 20:28:18 ----D---- C:\Windows\rescache
2012-06-13 20:23:06 ----D---- C:\Windows\winsxs
2012-06-13 20:22:20 ----D---- C:\Windows\Microsoft.NET
2012-06-13 20:22:09 ----RSD---- C:\Windows\assembly
2012-06-13 08:32:07 ----D---- C:\Windows\SysWOW64\migration
2012-06-13 08:32:07 ----D---- C:\Program Files (x86)\Internet Explorer
2012-06-13 08:32:06 ----D---- C:\Windows\SysWOW64\pl-PL
2012-06-10 09:15:34 ----D---- C:\Users\PC\AppData\Roaming\Winamp
2012-06-01 20:27:39 ----D---- C:\Users\PC\AppData\Roaming\Adobe
2012-06-01 19:57:58 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-06-01 19:56:35 ----RSD---- C:\Windows\Fonts
2012-06-01 19:56:03 ----D---- C:\ProgramData\Adobe
2012-06-01 19:56:03 ----D---- C:\Program Files (x86)\Common Files\Adobe
2012-06-01 19:56:02 ----D---- C:\Program Files (x86)\Adobe
2012-05-25 06:43:33 ----D---- C:\ProgramData\ALLPlayer
2012-05-25 06:43:33 ----D---- C:\Program Files (x86)\NAPI-PROJEKT
2012-05-17 19:56:03 ----D---- C:\ProgramData\ipla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AswRdr;aswRdr; C:\Windows\SysWOW64\drivers\AswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-02 25896]
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 LVUVC64;Logitech Webcam C100(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RTL8187;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187.sys [2007-04-03 262440]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys []
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys []
R3 yukonx64;Sterownik NDIS6.0 Miniport Driver dla kontrolera Marvell Yukon Ethernet; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys []
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS []
S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys []
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys []
S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys []
S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-10-21 487280]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 136176]
S2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-10-21 5790064]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-15 257224]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-06 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

[/log]

Z góry dziękuje za poświęcony czas.

Gość
komentarz
komentarz

[b]1.[/b] Start > w polu szukania wpisz [b]cmd[/b] > z prawokliku Uruchom jako Administrator. Wklej komendę:

[b]sfc /scanfile=C:\Windows\system32\services.exe[/b]

Zresetuj system.

[b]2.[/b] Start > w polu szukania wpisz [b]cmd[/b] > z prawokliku Uruchom jako Administrator. Wklej komendę:

[b]findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfc.txt & start notepad sfc.txt[/b]

Otworzy się log, który zachowaj i pokaż na forum.

winbooy
komentarz
komentarz

Ok, tak więc udało mi się zrobić skan Drweb do końca ale niestety, problem nadal występuje.
Następnie zrobiłem to co mi radziłeś i wrzucam log:
[log]2012-06-18 09:37:52, Info CSI 00000006 [SR] Verifying 1 components
2012-06-18 09:37:52, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2012-06-18 09:37:52, Info CSI 00000009 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store
2012-06-18 09:37:52, Info CSI 0000000b [SR] Verify complete
2012-06-18 09:37:52, Info CSI 0000000c [SR] Repairing 1 components
2012-06-18 09:37:52, Info CSI 0000000d [SR] Beginning Verify and Repair transaction
2012-06-18 09:37:52, Info CSI 0000000f [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store
2012-06-18 09:37:52, Info CSI 00000011 [SR] Repair complete
2012-06-18 09:37:52, Info CSI 00000012 [SR] Committing transaction
2012-06-18 09:37:52, Info CSI 00000016 [SR] Unable to complete Verify and Repair transaction because some of the files that need to be repaired are in use. A reboot is required to complete this operation.
2012-06-18 09:37:52, Info CSI 00000017 [SR] Repairing 1 components
2012-06-18 09:37:52, Info CSI 00000018 [SR] Beginning Verify and Repair transaction
2012-06-18 09:37:52, Info CSI 0000001a [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"services.exe" from store
2012-06-18 09:37:53, Info CSI 0000001c [SR] Repair complete
[/log]

Na potwierdzenie wrzucam jeszcze komunikat z avasta, który tak co jakieś 5 min się pokazuje (avast wywala na raz 3 takie same komunikaty; w prawym dolnym rogu jest właśnie możliwość przewinięcia do następnego i wszystkie trzy są identyczne)
[url="http://postimage.org/image/3nfkkf9xn/"][img]http://s17.postimage.org/3nfkkf9xn/skrin.jpg[/img][/url]

Gość
komentarz
komentarz (edytowane)

Otwórz Notatnik i wklej

[code]reg delete HKCU\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /f
reg add HKLM\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /ve /t REG_SZ /d C:\WINDOWS\system32\wbem\wbemess.dll /f[/code]

[b]Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz jako FIX.BAT[/b]


Plik umieść bezpośrednio na dysku [b]C[/b]

[b]Pobierz BlitzBlank[/b] [url="http://download1.emsisoft.com/BlitzBlank.exe"]http://download1.ems.../BlitzBlank.exe[/url]

uruchom go i w karcie [b]Script[/b] wklej:

[code]DeleteFolder:
C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@
C:\Windows\SysNative\%APPDATA%
Execute:
C:\fix.bat[/code]

Klik w [b]Execute Now[/b]. Zatwierdź restart komputera. BlitzBlank wygeneruje na dysku C log z usuwania.

[b]3.[/b] Zaprezentuj raport z BlitzBlank

winbooy
komentarz
komentarz

BlitzBlank wyrzuca error: "Syntax error in line2, Inwalid folder path"

Zrobiłem wcześniej ten plik fix.bat który kazałeś i umieściłem go na dysku c.

Gość
komentarz
komentarz

To wklej do karty Script:

[code]DeleteFolder:
C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@

Execute:
C:\fix.bat[/code]

winbooy
komentarz
komentarz

Znów ten sam komunikat: "Syntax error in line 2, Invalid folder path"

Gość
komentarz
komentarz

Pobierz SystemLook http://jpshortstuff.247fixes.com/SystemLook_x64.exe

Uruchom i w białe pole wklej

[code]:reg
HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
:filefind
services.exe[/code]

kliknij w Look. Przedstaw raport

winbooy
komentarz
komentarz

Ok, wrzucam raport:
[log]SystemLook 30.07.11 by jpshortstuff
Log created at 11:39 on 18/06/2012 by PC
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
(No values found)

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
"ThreadingModel"="Both"
@="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n."


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}]
@="Microsoft WBEM New Event Subsystem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
@="%systemroot%\system32\wbem\wbemess.dll"
"ThreadingModel"="Both"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
@="MruPidlList"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@="%SystemRoot%\system32\shell32.dll"
"ThreadingModel"="Apartment"


========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] BC81150939BD52DBC7A08C245F1FB229
C:\Windows\SysWOW64\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe --a---- 384512 bytes [02:49 21/01/2008] [02:49 21/01/2008] DFAC660F0F139276CC9299812DE42719
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [02:50 21/01/2008] [02:50 21/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B

-= EOF =-[/log]

Gość
komentarz
komentarz

1. Wyłacz całkiem Avasta, żeby nie przeszkadzał


2. Uruchom BlitzBlank i wklej

[code]DeleteFolder:
C:\Windows\Installer\{c783b5ab-4acb-0500-129b-29439a59045e}

Execute:
C:\fix.bat
[/code]

Teraz powinno załapać

winbooy
komentarz
komentarz

Ok, teraz dało radę; raport z BlitzBlank:
[log]

BlitzBlank 1.0.0.32

File/Registry Modification Engine native application
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}", destinationDirectory = "(null)", replaceWithDummy = 0
MoveFileOnReboot: sourceFile = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}\@", destinationFile = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}\L", destinationDirectory = "(null)", replaceWithDummy = 0
MoveDirectoryOnReboot: sourceDirectory = "\??\c:\windows\installer\{c783b5ab-4acb-0500-129b-29439a59045e}\U", destinationDirectory = "(null)", replaceWithDummy = 0
LaunchOnReboot: launchName = "\fix.bat", commandLine = "c:\fix.bat"
OpenDriver: ZwLoadDriver(\Registry\Machine\System\CurrentControlSet\Services\blzblk) failed: status = c0000428
LaunchOnReboot: OpenDriver failed: status = c0000428

[/log]

Gość
komentarz
komentarz

Wykonaj nowy skan OTL i przedstaw raport. Ale zrób skan wg tej instrukcji

Po uruchomieniu OTL zaznacz wszystkie sekcje na [b]Uzyj filtrowania[/b]
Zaznacz [b]Wszyscy użytkownicy[/b]
zaznacz infekcja [b]Lop i infekcja Purity[/b]

i kliknij w [b]Skanuj[/b]

żebyś mi żadnych skryptów nie wklejał :slabe:

winbooy
komentarz
komentarz

Ok, kolejne logi z otl:
OTL [log]OTL logfile created on: 2012-06-18 12:09:53 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,35% Memory free
8,21 Gb Paging File | 5,60 Gb Available in Paging File | 68,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,26 Gb Total Space | 49,82 Gb Free Space | 33,16% Space Free | Partition Type: NTFS
Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe
PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe
PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-06-15 19:50:17 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll
MOD - [2012-05-13 14:52:15 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll
MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll
MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll
MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll
MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2011-07-04 19:46:26 | 000,152,160 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggzip.dll
MOD - [2011-07-04 19:46:24 | 000,270,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggwebkit.dll
MOD - [2011-07-04 19:46:22 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradiocore.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:20 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradio.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,127,584 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcimproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:14 | 000,086,624 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gghttp.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe
MOD - [2011-05-22 19:21:36 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,946,688 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libxml2.dll
MOD - [2011-02-17 10:59:40 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstreamer-0.10.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstinterfaces-0.10.dll
MOD - [2011-02-17 10:59:40 | 000,033,098 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\iconv.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll
MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-01-21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC)
DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187)
DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207)
DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187)
DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C}
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions
[2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Clownfish] File not found
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-06-18 07:55:48 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\foty
[2012-06-18 06:59:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{87282A05-CC52-44B4-AE2E-010D5CFEDA3E}
[2012-06-17 09:27:43 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E586C701-F058-48CC-A28C-D03D8FD95D73}
[2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\rsit
[2012-06-16 21:21:10 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DB9F142A-E3E4-4072-8EC0-6D200B702FE7}
[2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl
[2012-06-16 09:20:45 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961}
[2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia
[2012-06-15 20:04:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C}
[2012-06-15 06:55:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729}
[2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes
[2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb
[2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012-06-14 07:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B
[2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2
[2012-06-13 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2}
[2012-06-13 21:01:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F}
[2012-06-12 20:33:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-12 20:33:09 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-06-12 20:33:08 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012-06-12 20:33:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-12 20:33:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-12 20:33:07 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-06-12 20:33:07 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-06-12 20:33:07 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012-06-12 20:33:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012-06-12 20:33:07 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012-06-12 20:33:07 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-12 20:33:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-06-12 20:33:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-12 20:33:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012-06-12 20:33:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012-06-12 20:33:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012-06-12 20:33:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012-06-12 20:33:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012-06-12 20:33:06 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012-06-12 20:33:06 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-12 20:33:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-06-12 20:33:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012-06-12 20:33:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012-06-12 20:33:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012-06-12 20:33:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012-06-12 20:33:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012-06-12 20:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012-06-12 20:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012-06-12 20:33:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012-06-12 20:33:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-12 20:33:00 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-06-12 20:32:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA}
[2012-06-12 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C}
[2012-06-12 07:22:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7}
[2012-06-12 07:21:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1}
[2012-06-11 17:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E}
[2012-06-11 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE}
[2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni
[2012-06-10 21:59:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B}
[2012-06-10 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5}
[2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012
[2012-06-10 09:58:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782}
[2012-06-10 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50}
[2012-06-09 21:58:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740}
[2012-06-09 21:57:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3}
[2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat
[2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany
[2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg
[2012-06-08 07:33:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3}
[2012-06-08 07:33:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969}
[2012-06-07 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71}
[2012-06-07 19:32:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C}
[2012-06-06 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494}
[2012-06-06 18:34:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6}
[2012-06-06 07:35:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6}
[2012-06-05 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309}
[2012-06-05 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC}
[2012-06-04 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A}
[2012-06-04 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0}
[2012-06-04 05:46:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109}
[2012-06-04 05:45:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1}
[2012-06-03 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446}
[2012-06-03 16:05:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590}
[2012-06-02 07:38:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9}
[2012-06-02 07:38:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944}
[2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe
[2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA
[2012-06-01 18:42:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39}
[2012-06-01 18:42:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3}
[2012-05-30 19:05:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C}
[2012-05-30 19:05:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326}
[2012-05-30 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC}
[2012-05-30 07:05:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA}
[2012-05-29 19:04:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E}
[2012-05-29 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777}
[2012-05-29 07:04:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B}
[2012-05-29 07:03:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0}
[2012-05-28 17:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689}
[2012-05-28 17:28:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112}
[2012-05-27 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A}
[2012-05-27 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07}
[2012-05-27 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61}
[2012-05-27 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD}
[2012-05-25 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9}
[2012-05-25 21:22:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4}
[2012-05-24 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD}
[2012-05-24 21:55:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D}
[2012-05-23 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31}
[2012-05-23 21:37:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF}
[2012-05-23 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC}
[2012-05-23 08:32:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D}
[2012-05-22 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B}
[2012-05-22 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B}
[2012-05-22 08:30:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61}
[2012-05-22 08:30:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7}
[2012-05-21 20:29:52 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF}
[2012-05-21 20:29:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784}
[2012-05-21 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032}
[2012-05-21 08:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C}
[2012-05-20 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9}
[2012-05-20 20:28:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089}
[2012-05-20 08:12:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2}
[2012-05-20 08:12:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7}
[2012-05-19 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B}
[2012-05-19 18:01:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4}
[2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll
[2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll
[2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-06-18 12:07:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-18 12:03:26 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-18 12:03:26 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-18 12:03:26 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-18 12:03:26 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-18 12:03:26 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-18 11:57:29 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012-06-18 11:57:28 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012-06-18 11:57:13 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-18 11:57:13 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-18 11:57:11 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-18 11:57:11 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2012-06-18 11:57:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-18 11:55:52 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012-06-18 11:54:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-06-18 11:44:03 | 000,029,335 | ---- | M] () -- C:\Users\PC\Desktop\skrin3.jpg
[2012-06-18 11:41:27 | 000,030,166 | ---- | M] () -- C:\Users\PC\Desktop\skrin2.jpg
[2012-06-18 11:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-18 11:10:11 | 000,000,230 | ---- | M] () -- C:\fix.BAT
[2012-06-18 06:43:37 | 000,574,179 | ---- | M] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg
[2012-06-18 06:29:37 | 000,000,680 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-15 19:50:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-15 19:50:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat
[2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb
[2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf
[2012-05-19 18:11:31 | 031,905,004 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav
[2012-05-19 18:11:22 | 030,293,864 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav
[2012-05-19 18:11:13 | 030,164,498 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav
[2012-05-19 18:11:04 | 028,071,220 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav
[2012-05-19 18:10:55 | 034,503,940 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav
[2012-05-19 18:10:45 | 024,630,268 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav
[2012-05-19 18:10:37 | 029,176,696 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav
[2012-05-19 18:10:28 | 030,352,674 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav
[2012-05-19 18:10:18 | 029,858,750 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav
[2012-05-19 18:10:07 | 025,436,984 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav
[2012-05-19 18:09:58 | 025,150,056 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav
[2012-05-19 18:09:49 | 029,028,496 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav
[2012-05-19 18:09:38 | 033,017,480 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav
[2012-05-19 18:09:26 | 031,780,338 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav
[2012-05-19 18:09:13 | 028,188,830 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav
[2012-05-19 18:09:01 | 030,477,322 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav
[2012-05-19 18:08:47 | 030,305,640 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav
[2012-05-19 18:08:33 | 031,380,502 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav
[2012-05-19 18:08:18 | 033,135,086 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav
[2012-05-19 18:08:00 | 033,497,290 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-18 11:44:03 | 000,029,335 | ---- | C] () -- C:\Users\PC\Desktop\skrin3.jpg
[2012-06-18 11:41:27 | 000,030,166 | ---- | C] () -- C:\Users\PC\Desktop\skrin2.jpg
[2012-06-18 11:10:10 | 000,000,230 | ---- | C] () -- C:\fix.BAT
[2012-06-18 06:43:35 | 000,574,179 | ---- | C] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg
[2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf
[2012-05-19 18:11:22 | 031,905,004 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav
[2012-05-19 18:11:13 | 030,293,864 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav
[2012-05-19 18:11:04 | 030,164,498 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav
[2012-05-19 18:10:55 | 028,071,220 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav
[2012-05-19 18:10:45 | 034,503,940 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav
[2012-05-19 18:10:37 | 024,630,268 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav
[2012-05-19 18:10:28 | 029,176,696 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav
[2012-05-19 18:10:18 | 030,352,674 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav
[2012-05-19 18:10:07 | 029,858,750 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav
[2012-05-19 18:09:58 | 025,436,984 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav
[2012-05-19 18:09:49 | 025,150,056 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav
[2012-05-19 18:09:38 | 029,028,496 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav
[2012-05-19 18:09:26 | 033,017,480 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav
[2012-05-19 18:09:13 | 031,780,338 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav
[2012-05-19 18:09:01 | 028,188,830 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav
[2012-05-19 18:08:47 | 030,477,322 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav
[2012-05-19 18:08:33 | 030,305,640 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav
[2012-05-19 18:08:18 | 031,380,502 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav
[2012-05-19 18:08:00 | 033,135,086 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav
[2012-05-19 18:07:40 | 033,497,290 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav
[2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\@
[2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys
[2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib
[2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla
[2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10
[2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG
[2012-06-18 11:57:38 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla
[2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView
[2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech
[2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM
[2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org
[2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM
[2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung
[2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp
[2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall
[2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer
[2012-06-18 11:57:11 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job
[2012-06-18 11:54:42 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV

< End of report >

[/log]

Extras [log]OTL Extras logfile created on: 2012-06-18 12:09:53 - Run 2
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,35% Memory free
8,21 Gb Paging File | 5,60 Gb Available in Paging File | 68,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,26 Gb Total Space | 49,82 Gb Free Space | 33,16% Space Free | Partition Type: NTFS
Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 63 A2 6C 66 0C 48 CB 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3427946872-3053539125-2350841564-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BE686891-3C56-4714-AFEF-341A7867BA80}" = ASUS WiFi-AP Solo
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1" = NexusFile (5.3.1.5460)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.0
"flashFONT" = flashFONT
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"ipla" = ipla 2.3.5
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400
"Mechanical Clock 3D Screensaver_is1" = Mechanical Clock 3D Screensaver 1.0
"Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"QuicktimeAlt_is1" = QuickTime Alternative 3.1.1
"RealAlt_is1" = Real Alternative 2.0.2
"SkanerOnline" = Skaner on-line mks_vir
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"WinLiveSuite" = Podstawowe programy Windows Live

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-02-08 02:55:53 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 2012-02-08 02:55:54 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 2012-02-08 05:26:24 | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

Error - 2012-02-08 05:55:15 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 16b4 Godzina rozpoczęcia: 01cce6468e63c29e
Godzina
zakończenia: 12

Error - 2012-02-08 06:00:10 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 14c8 Godzina rozpoczęcia: 01cce647c336991e
Godzina
zakończenia: 11

Error - 2012-02-08 06:05:22 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 1798 Godzina rozpoczęcia: 01cce6487ac5909e
Godzina
zakończenia: 15

Error - 2012-02-08 09:15:17 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE w wersji 0.0.0.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 1e68 Godzina rozpoczęcia: 01cce6638867e7fe
Godzina
zakończenia: 15

Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk(1).exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error - 2012-02-08 09:39:01 | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 2011-02-16 16:35:21 | Computer Name = PC-PC | Source = Media Center Guide | ID = 0
Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Nazwa obiektu: Media Center
Guide

[ System Events ]
Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-06-18 03:32:11 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-06-18 05:57:35 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

[/log]

Gość
komentarz
komentarz (edytowane)

Uruchom OTL i w oknie [b]Własne opcje skanowania /skrypt[/b] wklej

[code]:OTL
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Clownfish] File not found

:Files
C:\Users\PC\AppData\Local\{87282A05-CC52-44B4-AE2E-010D5CFEDA3E}
C:\Users\PC\AppData\Local\{E586C701-F058-48CC-A28C-D03D8FD95D73}
C:\Users\PC\AppData\Local\{DB9F142A-E3E4-4072-8EC0-6D200B702FE7}
C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961}
C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C}
C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729}
C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2}
C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F}
C:\Windows\SysNative\%APPDATA%
C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B

:Commands
[emptytemp][/code]

Kliknij w [b]Wykonaj skrypt.[/b]

Po usuwaniu OTL wygeneruje log. Zapisz go i przedstaw

Robisz nowy skan OTL i przedstwaiasz raport. Log [b]Extras juz nie potrzebny[/b]

winbooy
komentarz
komentarz

Raport po wykonanym skrypcie: [log]All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Clownfish deleted successfully.
========== FILES ==========
C:\Users\PC\AppData\Local\{87282A05-CC52-44B4-AE2E-010D5CFEDA3E} folder moved successfully.
C:\Users\PC\AppData\Local\{E586C701-F058-48CC-A28C-D03D8FD95D73} folder moved successfully.
C:\Users\PC\AppData\Local\{DB9F142A-E3E4-4072-8EC0-6D200B702FE7} folder moved successfully.
C:\Users\PC\AppData\Local\{F18E1112-ACAD-42C3-A8F6-035695150961} folder moved successfully.
C:\Users\PC\AppData\Local\{A50B2D25-0621-41FB-BF05-D0F8CC5FEC8C} folder moved successfully.
C:\Users\PC\AppData\Local\{3980419D-3125-4E2B-99C9-5DCDDCB7E729} folder moved successfully.
C:\Users\PC\AppData\Local\{4EDD805B-FF6F-4ACE-A3FF-A2A62ADA47C2} folder moved successfully.
C:\Users\PC\AppData\Local\{4586C0FD-7567-4CCC-B40A-899B4AAF9C2F} folder moved successfully.
C:\Windows\SysNative\%APPDATA%\Microsoft\Windows\IETldCache folder moved successfully.
C:\Windows\SysNative\%APPDATA%\Microsoft\Windows folder moved successfully.
C:\Windows\SysNative\%APPDATA%\Microsoft folder moved successfully.
Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot.
C:\ProgramData\B7E8587A00000ACB0000697B570F1C8B folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 2786068 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: PC
->Temp folder emptied: 5703324167 bytes
->Temporary Internet Files folder emptied: 125146533 bytes
->Java cache emptied: 36191274 bytes
->FireFox cache emptied: 437125394 bytes
->Google Chrome cache emptied: 378941692 bytes
->Flash cache emptied: 167035 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22656603790 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 2490161 bytes
RecycleBin emptied: 2632070257 bytes

Total Files Cleaned = 30 494,00 mb


OTL by OldTimer - Version 3.2.49.0 log created on 06182012_163701

Files\Folders moved on Reboot...
Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[/log]

Log z otl: otl [log]OTL logfile created on: 2012-06-18 17:07:58 - Run 3
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 1,51 Gb Available Physical Memory | 37,68% Memory free
8,21 Gb Paging File | 5,40 Gb Available in Paging File | 65,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,26 Gb Total Space | 79,31 Gb Free Space | 52,78% Space Free | Partition Type: NTFS
Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe
PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe
PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-06-18 17:04:26 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012-06-15 19:50:17 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll
MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll
MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll
MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll
MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll
MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2011-07-04 19:46:26 | 000,152,160 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggzip.dll
MOD - [2011-07-04 19:46:24 | 000,270,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggwebkit.dll
MOD - [2011-07-04 19:46:22 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradiocore.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:20 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradio.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,127,584 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcimproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:14 | 000,086,624 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gghttp.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,946,688 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libxml2.dll
MOD - [2011-02-17 10:59:40 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstreamer-0.10.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstinterfaces-0.10.dll
MOD - [2011-02-17 10:59:40 | 000,033,098 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\iconv.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll
MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll


[color=#E56717]========== Win32 Services (All) ==========[/color]

SRV:[b]64bit:[/b] - [2012-04-23 18:25:30 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2011-11-16 18:43:13 | 000,442,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:[b]64bit:[/b] - [2011-11-16 16:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:[b]64bit:[/b] - [2011-03-28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:[b]64bit:[/b] - [2011-03-02 18:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:[b]64bit:[/b] - [2011-02-22 15:53:27 | 001,149,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2010-11-06 13:18:13 | 000,855,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2010-09-06 20:28:38 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:[b]64bit:[/b] - [2010-08-17 16:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:[b]64bit:[/b] - [2010-07-09 16:17:18 | 000,159,336 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysNative\nvvsvc.exe -- (nvsvc)
SRV:[b]64bit:[/b] - [2009-10-09 23:36:09 | 002,050,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:[b]64bit:[/b] - [2009-10-09 23:34:39 | 000,232,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:[b]64bit:[/b] - [2009-10-01 02:51:40 | 000,107,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:[b]64bit:[/b] - [2009-08-07 04:24:17 | 002,424,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2009-07-11 21:11:20 | 000,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:[b]64bit:[/b] - [2009-07-10 13:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (Themes)
SRV:[b]64bit:[/b] - [2009-07-10 13:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:[b]64bit:[/b] - [2009-06-10 13:53:17 | 000,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:29 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 001,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 000,581,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 000,572,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:28 | 000,218,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\webclnt.dll -- (WebClient)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:27 | 000,372,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:27 | 000,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:27 | 000,032,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,547,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:26 | 000,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:24 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SLUINotify.dll -- (SLUINotify)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:23 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 000,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qagentRT.dll -- (napagent)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:22 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPsvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPAutoReg)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2pimsvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,719,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,454,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ikeext.dll -- (IKEEXT)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:10 | 000,209,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:03 | 001,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS)
SRV:[b]64bit:[/b] - [2009-04-11 09:11:00 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:[b]64bit:[/b] - [2009-04-11 09:10:50 | 000,597,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:[b]64bit:[/b] - [2009-04-11 09:10:35 | 002,582,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc)
SRV:[b]64bit:[/b] - [2009-04-11 09:10:29 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:[b]64bit:[/b] - [2009-04-11 09:10:08 | 003,433,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DFSR.exe -- (DFSR)
SRV:[b]64bit:[/b] - [2008-01-21 04:52:15 | 001,216,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:52:00 | 000,173,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:51:33 | 000,067,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:[b]64bit:[/b] - [2008-01-21 04:51:19 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:51:16 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:[b]64bit:[/b] - [2008-01-21 04:51:03 | 000,117,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:[b]64bit:[/b] - [2008-01-21 04:51:01 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:[b]64bit:[/b] - [2008-01-21 04:50:59 | 001,373,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:[b]64bit:[/b] - [2008-01-21 04:50:34 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:[b]64bit:[/b] - [2008-01-21 04:50:27 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:[b]64bit:[/b] - [2008-01-21 04:50:14 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:50:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:50:06 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:59 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sessenv.dll -- (SessionEnv)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:46 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:33 | 000,061,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sens.dll -- (SENS)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:09 | 000,139,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:09 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:04 | 000,086,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\kmsvc.dll -- (hkmsvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:02 | 000,120,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WerSvc.dll -- (WerSvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:49:02 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:40 | 000,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:29 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:26 | 000,088,064 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:24 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:21 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipbusenum.dll -- (IPBusEnum)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:19 | 000,395,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:19 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:[b]64bit:[/b] - [2008-01-21 04:48:10 | 000,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:[b]64bit:[/b] - [2008-01-21 04:47:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:[b]64bit:[/b] - [2008-01-21 04:47:30 | 000,284,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC)
SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:[b]64bit:[/b] - [2006-11-02 17:03:19 | 000,084,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:[b]64bit:[/b] - [2006-11-02 13:19:10 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:[b]64bit:[/b] - [2006-11-02 13:19:10 | 000,039,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:[b]64bit:[/b] - [2006-11-02 13:17:22 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fdrespub.dll -- (FDResPub)
SRV:[b]64bit:[/b] - [2006-11-02 13:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:[b]64bit:[/b] - [2006-11-02 13:16:12 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:[b]64bit:[/b] - [2006-11-02 13:15:56 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\locator.exe -- (RpcLocator)
SRV:[b]64bit:[/b] - [2006-11-02 13:15:49 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-23 18:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-09-06 22:38:14 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdatem) Usługa Google Update (gupdatem)
SRV - [2010-09-06 22:38:14 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate) Usługa Google Update (gupdate)
SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 15:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-03-18 15:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-10-09 23:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2009-07-10 13:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes)
SRV - [2009-07-10 13:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2009-04-11 09:10:58 | 000,042,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009-04-11 08:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2009-04-11 08:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2009-04-11 08:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009-04-11 08:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2009-04-11 08:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SCardSvr.dll -- (SCardSvr)
SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPsvc)
SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2psvc)
SRV - [2009-04-11 08:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2pimsvc)
SRV - [2009-04-11 08:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009-04-11 08:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009-04-11 08:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2009-04-11 08:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-03-30 06:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009-02-18 20:40:04 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009-02-18 20:39:11 | 000,857,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008-01-21 04:51:36 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008-01-21 04:51:36 | 000,153,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2008-01-21 04:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2008-01-21 04:50:38 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2008-01-21 04:50:07 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2008-01-21 04:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2008-01-21 04:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2008-01-21 04:49:21 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2008-01-21 04:49:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2008-01-21 04:48:26 | 000,259,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2008-01-21 04:48:23 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2008-01-21 04:47:35 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2008-01-21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006-11-02 17:03:48 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006-11-02 11:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006-11-02 11:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)


[color=#E56717]========== Driver Services (All) ==========[/color]

DRV:[b]64bit:[/b] - [2012-05-01 16:29:44 | 000,209,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-03-30 14:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tcpip.sys -- (Tcpip6)
DRV:[b]64bit:[/b] - [2012-03-30 14:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:[b]64bit:[/b] - [2012-03-21 01:34:30 | 000,072,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC)
DRV:[b]64bit:[/b] - [2012-01-03 16:25:21 | 000,404,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:[b]64bit:[/b] - [2011-11-17 08:53:02 | 000,515,968 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\ksecdd.sys -- (KSecDD)
DRV:[b]64bit:[/b] - [2011-07-06 17:49:23 | 000,275,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb10.sys -- (mrxsmb10)
DRV:[b]64bit:[/b] - [2011-04-29 15:41:02 | 000,176,128 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv2.sys -- (srv2)
DRV:[b]64bit:[/b] - [2011-04-29 15:40:56 | 000,145,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srvnet.sys -- (srvnet)
DRV:[b]64bit:[/b] - [2011-04-29 15:39:34 | 000,135,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb.sys -- (mrxsmb)
DRV:[b]64bit:[/b] - [2011-04-29 15:39:31 | 000,107,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb20.sys -- (mrxsmb20)
DRV:[b]64bit:[/b] - [2011-04-21 16:17:10 | 000,695,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:[b]64bit:[/b] - [2011-04-14 17:14:19 | 000,097,792 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\dfsc.sys -- (DfsC)
DRV:[b]64bit:[/b] - [2011-02-18 16:18:15 | 000,450,560 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv.sys -- (srv)
DRV:[b]64bit:[/b] - [2011-02-18 16:16:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bowser.sys -- (bowser)
DRV:[b]64bit:[/b] - [2011-01-20 18:46:10 | 000,900,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2010-07-10 00:38:00 | 013,187,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvlddmkm.sys -- (nvlddmkm)
DRV:[b]64bit:[/b] - [2010-02-20 23:30:08 | 000,620,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HTTP.sys -- (HTTP)
DRV:[b]64bit:[/b] - [2010-02-18 13:59:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunnel.sys -- (tunnel)
DRV:[b]64bit:[/b] - [2009-12-08 19:55:32 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2009-06-17 12:37:14 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:53 | 000,067,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:53 | 000,062,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\termdd.sys -- (TermDD)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:52 | 000,408,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:45 | 000,269,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:36 | 000,019,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:34 | 001,515,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:33 | 000,361,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\CLFS.sys -- (CLFS) Common Log (CLFS)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:32 | 000,310,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:32 | 000,275,432 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltmgr.sys -- (FltMgr)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:31 | 000,215,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\msiscsi.sys -- (iScsiPrt)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:31 | 000,178,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:30 | 000,155,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ecache.sys -- (Ecache)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:24 | 000,059,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\mup.sys -- (Mup)
DRV:[b]64bit:[/b] - [2009-04-11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:[b]64bit:[/b] - [2009-04-11 09:14:59 | 000,014,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:46 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rassstp.sys -- (RasSstp)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:40 | 000,169,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndiswan.sys -- (NdisWan)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:39 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspptp.sys -- (PptpMiniport)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarpv6)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarp)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rasl2tp.sys -- (Rasl2tp)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:33 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:27 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipfltdrv.sys -- (IpFilterDriver)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tdx.sys -- (tdx)
DRV:[b]64bit:[/b] - [2009-04-11 07:42:56 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\pacer.sys -- (PSched)
DRV:[b]64bit:[/b] - [2009-04-11 07:42:33 | 000,248,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\netbt.sys -- (netbt)
DRV:[b]64bit:[/b] - [2009-04-11 07:42:19 | 000,088,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\smb.sys -- (Smb)
DRV:[b]64bit:[/b] - [2009-04-11 07:40:20 | 000,187,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nwifi.sys -- (NativeWifiP)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Urządzenie Bluetooth (Protokół TDI RFCOMM)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:52 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbhub.sys -- (usbhub)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:49 | 000,072,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ohci1394.sys -- (ohci1394)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:41 | 000,948,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\USBSTOR.SYS -- (USBSTOR)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:36 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbehci.sys -- (usbehci)
DRV:[b]64bit:[/b] - [2009-04-11 07:39:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hidusb.sys -- (HidUsb)
DRV:[b]64bit:[/b] - [2009-04-11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\cdrom.sys -- (cdrom)
DRV:[b]64bit:[/b] - [2009-04-11 07:33:40 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdhid.sys -- (kbdhid)
DRV:[b]64bit:[/b] - [2009-04-11 06:55:42 | 000,139,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:[b]64bit:[/b] - [2009-04-11 06:55:24 | 000,287,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\rdbss.sys -- (rdbss)
DRV:[b]64bit:[/b] - [2009-04-11 06:54:22 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:[b]64bit:[/b] - [2009-04-11 06:54:21 | 000,299,008 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\udfs.sys -- (udfs)
DRV:[b]64bit:[/b] - [2009-04-11 06:54:11 | 000,187,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:[b]64bit:[/b] - [2009-04-11 06:54:10 | 000,198,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:[b]64bit:[/b] - [2008-01-21 04:51:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:[b]64bit:[/b] - [2008-01-21 04:51:14 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:[b]64bit:[/b] - [2008-01-21 04:51:07 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\RDPCDD.sys -- (RDPCDD)
DRV:[b]64bit:[/b] - [2008-01-21 04:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:59 | 000,070,200 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:45 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:39 | 000,881,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\DRIVERS\cdfs.sys -- (cdfs)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:39 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:25 | 000,070,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (MountMgr)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tssecsrv.sys -- (tssecsrv)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:09 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WUDFRd.sys -- (WUDFRd)
DRV:[b]64bit:[/b] - [2008-01-21 04:50:04 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:58 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:52 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:52 | 000,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSTEE.sys -- (MSTEE)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:51 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:48 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rdpencdd.sys -- (RDPENCDD)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:16 | 000,109,568 | ---- | M] (Microsoft Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rspndr.sys -- (rspndr)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:15 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lltdio.sys -- (lltdio)
DRV:[b]64bit:[/b] - [2008-01-21 04:49:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipnat.sys -- (IPNAT)
DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV:[b]64bit:[/b] - [2008-01-21 04:48:45 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunmp.sys -- (tunmp)
DRV:[b]64bit:[/b] - [2008-01-21 04:48:28 | 000,033,280 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:[b]64bit:[/b] - [2008-01-21 04:48:27 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\netbios.sys -- (NetBIOS)
DRV:[b]64bit:[/b] - [2008-01-21 04:48:24 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rasacd.sys -- (RasAcd)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:30 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ipmidrv.sys -- (IPMIDRV)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:28 | 000,035,896 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\i2omp.sys -- (i2omp)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) Urządzenie wideo USB (WDM)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\i8042prt.sys -- (i8042prt)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,042,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdclass.sys -- (kbdclass)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:27 | 000,024,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:26 | 000,128,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:25 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\fdc.sys -- (fdc)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbuhci.sys -- (usbuhci)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:04 | 000,113,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:03 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Urządzenie Bluetooth (sieć osobista)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:01 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbccgp.sys -- (usbccgp)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\monitor.sys -- (monitor)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vgapnp.sys -- (vga)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:[b]64bit:[/b] - [2008-01-21 04:47:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastorv.sys -- (iaStorV)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gagp30kx.sys -- (gagp30kx)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,067,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uagp35.sys -- (uagp35)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hpcisss.sys -- (HpCISSs)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,039,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mouclass.sys -- (mouclass)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:59 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mouhid.sys -- (mouhid)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasr.sys -- (MegaSR)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\uliahci.sys -- (uliahci)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\E1G6032E.sys -- (E1G60) Intel(R)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:56 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:55 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\flpydisk.sys -- (flpydisk)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpu160m.sys -- (adpu160m)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:54 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\umbus.sys -- (umbus)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:53 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\serial.sys -- (Serial)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:53 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serenum.sys -- (Serenum)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ulsata2.sys -- (ulsata2)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:52 | 000,027,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (rdpdr)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,126,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nv_agp.sys -- (nv_agp)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uliagpkx.sys -- (uliagpkx)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agp440.sys -- (agp440)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\intelppm.sys -- (intelppm)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,034,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mssmbios.sys -- (mssmbios)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,019,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,018,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,018,024 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,015,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,015,976 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,013,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\swenum.sys -- (swenum)
DRV:[b]64bit:[/b] - [2008-01-21 04:46:50 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187)
DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207)
DRV:[b]64bit:[/b] - [2006-11-02 14:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:[b]64bit:[/b] - [2006-11-02 14:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\symc8xx.sys -- (Symc8xx)
DRV:[b]64bit:[/b] - [2006-11-02 14:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sym_u3.sys -- (Sym_u3)
DRV:[b]64bit:[/b] - [2006-11-02 14:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:[b]64bit:[/b] - [2006-11-02 14:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sym_hi.sys -- (Sym_hi)
DRV:[b]64bit:[/b] - [2006-11-02 14:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mraid35x.sys -- (Mraid35x)
DRV:[b]64bit:[/b] - [2006-11-02 14:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iteraid.sys -- (iteraid)
DRV:[b]64bit:[/b] - [2006-11-02 14:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iteatapi.sys -- (iteatapi)
DRV:[b]64bit:[/b] - [2006-11-02 13:51:30 | 000,203,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:[b]64bit:[/b] - [2006-11-02 13:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ulsata.sys -- (UlSata)
DRV:[b]64bit:[/b] - [2006-11-02 13:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:[b]64bit:[/b] - [2006-11-02 13:50:06 | 000,090,216 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:[b]64bit:[/b] - [2006-11-02 13:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\djsvs.sys -- (aic78xx)
DRV:[b]64bit:[/b] - [2006-11-02 12:27:53 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:[b]64bit:[/b] - [2006-11-02 11:44:02 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:[b]64bit:[/b] - [2006-11-02 11:44:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:[b]64bit:[/b] - [2006-11-02 11:43:46 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV:[b]64bit:[/b] - [2006-11-02 11:43:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:[b]64bit:[/b] - [2006-11-02 11:43:36 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:[b]64bit:[/b] - [2006-11-02 11:40:24 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:[b]64bit:[/b] - [2006-11-02 11:38:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:[b]64bit:[/b] - [2006-11-02 11:37:57 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:[b]64bit:[/b] - [2006-11-02 11:37:30 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV:[b]64bit:[/b] - [2006-11-02 11:37:30 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPQM.sys -- (MSPQM)
DRV:[b]64bit:[/b] - [2006-11-02 11:37:16 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:[b]64bit:[/b] - [2006-11-02 10:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:[b]64bit:[/b] - [2006-11-02 07:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2006-10-24 04:08:37 | 000,712,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\peauth.sys -- (PEAUTH)
DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:[b]64bit:[/b] - [2006-09-30 01:51:44 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:[b]64bit:[/b] - [2006-09-19 13:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brusbser.sys -- (BrUsbSer)
DRV:[b]64bit:[/b] - [2006-09-18 23:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brserwdm.sys -- (BrSerWdm)
DRV:[b]64bit:[/b] - [2006-09-18 23:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:[b]64bit:[/b] - [2006-09-18 23:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:[b]64bit:[/b] - [2006-09-18 23:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187)
DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C}
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions
[2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-06-18 16:37:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-06-18 07:55:48 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\foty
[2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\rsit
[2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl
[2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia
[2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes
[2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb
[2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2
[2012-06-12 20:33:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-12 20:33:09 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-06-12 20:33:08 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012-06-12 20:33:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-12 20:33:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-12 20:33:07 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-06-12 20:33:07 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-06-12 20:33:07 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012-06-12 20:33:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012-06-12 20:33:07 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012-06-12 20:33:07 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-12 20:33:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-06-12 20:33:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-12 20:33:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012-06-12 20:33:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012-06-12 20:33:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012-06-12 20:33:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012-06-12 20:33:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012-06-12 20:33:06 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012-06-12 20:33:06 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-12 20:33:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-06-12 20:33:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012-06-12 20:33:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012-06-12 20:33:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012-06-12 20:33:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012-06-12 20:33:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012-06-12 20:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012-06-12 20:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012-06-12 20:33:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012-06-12 20:33:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-12 20:33:00 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-06-12 20:32:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA}
[2012-06-12 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C}
[2012-06-12 07:22:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7}
[2012-06-12 07:21:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1}
[2012-06-11 17:29:55 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E}
[2012-06-11 17:29:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE}
[2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni
[2012-06-10 21:59:15 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B}
[2012-06-10 21:59:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5}
[2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012
[2012-06-10 09:58:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782}
[2012-06-10 09:58:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50}
[2012-06-09 21:58:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740}
[2012-06-09 21:57:57 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3}
[2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat
[2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany
[2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg
[2012-06-08 07:33:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3}
[2012-06-08 07:33:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969}
[2012-06-07 19:33:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71}
[2012-06-07 19:32:59 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C}
[2012-06-06 18:34:25 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494}
[2012-06-06 18:34:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6}
[2012-06-06 07:35:14 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6}
[2012-06-05 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309}
[2012-06-05 19:34:38 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC}
[2012-06-04 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A}
[2012-06-04 20:50:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0}
[2012-06-04 05:46:00 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109}
[2012-06-04 05:45:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1}
[2012-06-03 16:05:46 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446}
[2012-06-03 16:05:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590}
[2012-06-02 07:38:18 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9}
[2012-06-02 07:38:08 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944}
[2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe
[2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA
[2012-06-01 18:42:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39}
[2012-06-01 18:42:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3}
[2012-05-30 19:05:51 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C}
[2012-05-30 19:05:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326}
[2012-05-30 07:05:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC}
[2012-05-30 07:05:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA}
[2012-05-29 19:04:42 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E}
[2012-05-29 19:04:31 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777}
[2012-05-29 07:04:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B}
[2012-05-29 07:03:56 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0}
[2012-05-28 17:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689}
[2012-05-28 17:28:48 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112}
[2012-05-27 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A}
[2012-05-27 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07}
[2012-05-27 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61}
[2012-05-27 10:08:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD}
[2012-05-25 21:23:05 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9}
[2012-05-25 21:22:54 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4}
[2012-05-24 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD}
[2012-05-24 21:55:58 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D}
[2012-05-23 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31}
[2012-05-23 21:37:24 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF}
[2012-05-23 08:32:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC}
[2012-05-23 08:32:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D}
[2012-05-22 20:31:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B}
[2012-05-22 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B}
[2012-05-22 08:30:26 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61}
[2012-05-22 08:30:16 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7}
[2012-05-21 20:29:52 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF}
[2012-05-21 20:29:41 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784}
[2012-05-21 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032}
[2012-05-21 08:29:06 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C}
[2012-05-20 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9}
[2012-05-20 20:28:33 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089}
[2012-05-20 08:12:27 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2}
[2012-05-20 08:12:17 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7}
[2012-05-19 18:02:07 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B}
[2012-05-19 18:01:49 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4}
[2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll
[2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll
[2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-06-18 17:09:44 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-18 17:09:44 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-18 17:09:44 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-18 17:09:44 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-18 17:09:44 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-18 17:07:00 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-18 17:04:16 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012-06-18 17:04:15 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012-06-18 17:03:31 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-18 17:03:31 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-18 17:03:30 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-18 17:03:30 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2012-06-18 17:03:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-18 17:03:21 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012-06-18 17:02:08 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-06-18 12:21:15 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-18 11:44:03 | 000,029,335 | ---- | M] () -- C:\Users\PC\Desktop\skrin3.jpg
[2012-06-18 11:41:27 | 000,030,166 | ---- | M] () -- C:\Users\PC\Desktop\skrin2.jpg
[2012-06-18 11:10:11 | 000,000,230 | ---- | M] () -- C:\fix.BAT
[2012-06-18 06:43:37 | 000,574,179 | ---- | M] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg
[2012-06-18 06:29:37 | 000,000,680 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-15 19:50:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-15 19:50:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat
[2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb
[2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf
[2012-05-19 18:11:31 | 031,905,004 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav
[2012-05-19 18:11:22 | 030,293,864 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav
[2012-05-19 18:11:13 | 030,164,498 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav
[2012-05-19 18:11:04 | 028,071,220 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav
[2012-05-19 18:10:55 | 034,503,940 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav
[2012-05-19 18:10:45 | 024,630,268 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav
[2012-05-19 18:10:37 | 029,176,696 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav
[2012-05-19 18:10:28 | 030,352,674 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav
[2012-05-19 18:10:18 | 029,858,750 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav
[2012-05-19 18:10:07 | 025,436,984 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav
[2012-05-19 18:09:58 | 025,150,056 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav
[2012-05-19 18:09:49 | 029,028,496 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav
[2012-05-19 18:09:38 | 033,017,480 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav
[2012-05-19 18:09:26 | 031,780,338 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav
[2012-05-19 18:09:13 | 028,188,830 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav
[2012-05-19 18:09:01 | 030,477,322 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav
[2012-05-19 18:08:47 | 030,305,640 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav
[2012-05-19 18:08:33 | 031,380,502 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav
[2012-05-19 18:08:18 | 033,135,086 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav
[2012-05-19 18:08:00 | 033,497,290 | ---- | M] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-18 11:44:03 | 000,029,335 | ---- | C] () -- C:\Users\PC\Desktop\skrin3.jpg
[2012-06-18 11:41:27 | 000,030,166 | ---- | C] () -- C:\Users\PC\Desktop\skrin2.jpg
[2012-06-18 11:10:10 | 000,000,230 | ---- | C] () -- C:\fix.BAT
[2012-06-18 06:43:35 | 000,574,179 | ---- | C] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg
[2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf
[2012-05-19 18:11:22 | 031,905,004 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Civilization (Bongo, Bongo, Bongo).wav
[2012-05-19 18:11:13 | 030,293,864 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Shoo Shoo Baby.wav
[2012-05-19 18:11:04 | 030,164,498 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Sonny Boy.wav
[2012-05-19 18:10:55 | 028,071,220 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rhumboogie.wav
[2012-05-19 18:10:45 | 034,503,940 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Hold Tight.wav
[2012-05-19 18:10:37 | 024,630,268 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bounce Me Brother With a Solid Four.wav
[2012-05-19 18:10:28 | 029,176,696 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - When the Midnight Choo Choo Leaves for Alabama.wav
[2012-05-19 18:10:18 | 030,352,674 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Gimme Some Skin My Friend.wav
[2012-05-19 18:10:07 | 029,858,750 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Corns for My Country.wav
[2012-05-19 18:09:58 | 025,436,984 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Pagan Love Song.wav
[2012-05-19 18:09:49 | 025,150,056 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Way Down Yonder in New Orleans.wav
[2012-05-19 18:09:38 | 029,028,496 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Boogie Woogie Bugle Boy.wav
[2012-05-19 18:09:26 | 033,017,480 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Tuxedo Junction.wav
[2012-05-19 18:09:13 | 031,780,338 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Alexander's Ragtime Band.wav
[2012-05-19 18:09:01 | 028,188,830 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - I Can Dream, Can't I.wav
[2012-05-19 18:08:47 | 030,477,322 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beer Barrel Polka.wav
[2012-05-19 18:08:33 | 030,305,640 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Beat Me Daddy, Eight to the Bar.wav
[2012-05-19 18:08:18 | 031,380,502 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Don't Sit Under the Appletree.wav
[2012-05-19 18:08:00 | 033,135,086 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Bei Mir Bist Du Schön.wav
[2012-05-19 18:07:40 | 033,497,290 | ---- | C] () -- C:\Users\PC\Documents\Andrews Sisters - Rum and Coca Cola.wav
[2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012-01-11 19:33:16 | 000,002,048 | -HS- | C] () -- C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\@
[2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys
[2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib
[2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla
[2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10
[2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG
[2012-06-18 17:04:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla
[2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView
[2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech
[2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM
[2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org
[2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM
[2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung
[2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp
[2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall
[2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer
[2012-06-18 17:03:30 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job
[2012-06-18 17:02:08 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV

< End of report >

[/log]

Gość
komentarz
komentarz

Infekcja wraca. Wykonaj mi skan w SystemLook na podanym w poście nr8 warunku i przedstaw raport

winbooy
komentarz
komentarz

Hmm no to nie ciekawie. Aktualnie brak komunikatów ze strony avasta.

Wrzucam log:
[log]SystemLook 30.07.11 by jpshortstuff
Log created at 19:04 on 18/06/2012 by PC
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
(No values found)

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
"ThreadingModel"="Both"
@="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n."


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}]
@="Microsoft WBEM New Event Subsystem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
@="%systemroot%\system32\wbem\wbemess.dll"
"ThreadingModel"="Both"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
@="MruPidlList"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@="%SystemRoot%\system32\shell32.dll"
"ThreadingModel"="Apartment"


========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3
C:\Windows\SysWOW64\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe --a---- 384512 bytes [02:49 21/01/2008] [02:49 21/01/2008] DFAC660F0F139276CC9299812DE42719
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [02:50 21/01/2008] [02:50 21/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B

-= EOF =-[/log]

Gość
komentarz
komentarz

Start > uruchom > regedit

W rejestrze znajdź klucz [[b]HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
"ThreadingModel"="Both"
@="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n."[/b]

i go usuń, chodzi o wartość [b]@="C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\n."[/b]

powinny tam byc dwa takie klucze i ty masz wyciachać ten co podałem

Potem uruchamiasz OTL i wklejasz skrypt

[code]:Files
C:\Windows\SysNative\%APPDATA%
C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA}
C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C}
C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7}
C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1}
C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E}
C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE}
C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B}
C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5}
C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782}
C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50}
C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740}
C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3}
C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3}
C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969}
C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71}
C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C}
C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494}
C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6}
C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6}
C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309}
C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC}
C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A}
C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0}
C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109}
C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1}
C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446}
C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590}
C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9}
C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944}
C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39}
C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3}
C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C}
C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326}
C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC}
C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA}
C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E}
C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777}
C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B}
C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0}
C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689}
C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112}
C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A}
C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07}
C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61}
C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD}
C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9}
C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4}
C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD}
C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D}
C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31}
C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF}
C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC}
C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D}
C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B}
C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B}
C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61}
C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7}
C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF}
C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784}
C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032}
C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C}
C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9}
C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089}
C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2}
C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7}
C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B}
C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4}
C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}

:Commands
[reboot][/code]


Klikasz w[b] Wykonaj skrypt.[/b]


Po restarcie powtarzasz skan w [b]SystemLook[/b] i dajesz raport

winbooy
komentarz
komentarz

Wartość usunięta.

log z skryptu po restarcie : [log]========== FILES ==========
Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot.
C:\Users\PC\AppData\Local\{5443EA41-DD78-4877-94C0-F9128701CAFA} folder moved successfully.
C:\Users\PC\AppData\Local\{18329BDE-2E8F-451C-8259-8852D3ECE25C} folder moved successfully.
C:\Users\PC\AppData\Local\{E5280B9B-5765-47E6-8F87-CC368C35EFA7} folder moved successfully.
C:\Users\PC\AppData\Local\{95F9D0F6-F12E-46DC-A6B9-9C27D53116B1} folder moved successfully.
C:\Users\PC\AppData\Local\{69499181-F1A3-4E39-B2C1-0C19B533626E} folder moved successfully.
C:\Users\PC\AppData\Local\{12D94208-0637-4440-9129-D87B1D695DCE} folder moved successfully.
C:\Users\PC\AppData\Local\{F3106188-2B5E-47B7-A9CD-13B99A2F0D9B} folder moved successfully.
C:\Users\PC\AppData\Local\{BD8018E5-FCD0-4B16-8A2F-2E3968C0C0A5} folder moved successfully.
C:\Users\PC\AppData\Local\{9A0D88DE-6EA7-4254-91FD-A0E43926C782} folder moved successfully.
C:\Users\PC\AppData\Local\{FC13A55C-FB09-4848-BBC4-BF92DA2AFD50} folder moved successfully.
C:\Users\PC\AppData\Local\{E86127A8-9605-4F48-A859-0C33B23F5740} folder moved successfully.
C:\Users\PC\AppData\Local\{4794BF80-E325-466E-9E7B-50818F4470E3} folder moved successfully.
C:\Users\PC\AppData\Local\{52E88903-73A8-41C9-9C3B-CC35ABA3EAE3} folder moved successfully.
C:\Users\PC\AppData\Local\{4CB4111F-09CD-4A95-9C21-DFA58ACEC969} folder moved successfully.
C:\Users\PC\AppData\Local\{660B6176-5A2F-4517-8FEC-5D3A4A683F71} folder moved successfully.
C:\Users\PC\AppData\Local\{7D0C31BD-353B-4300-8A9F-94C4A2ECB58C} folder moved successfully.
C:\Users\PC\AppData\Local\{6B9505A7-A238-4BBC-814B-95606ED9D494} folder moved successfully.
C:\Users\PC\AppData\Local\{DE5019EF-6C87-4816-ADD3-F2F3CBCE24F6} folder moved successfully.
C:\Users\PC\AppData\Local\{6C3E76FD-5E26-4365-9E42-202A936508A6} folder moved successfully.
C:\Users\PC\AppData\Local\{98AAED9F-DB82-4912-BF95-2A356D6A9309} folder moved successfully.
C:\Users\PC\AppData\Local\{EBE2AF05-B210-48B9-B105-9462CE2DCFEC} folder moved successfully.
C:\Users\PC\AppData\Local\{BAE449E5-DA0D-4076-8710-BF45CB6A7D9A} folder moved successfully.
C:\Users\PC\AppData\Local\{21106E41-72BC-43C0-8253-8858762542E0} folder moved successfully.
C:\Users\PC\AppData\Local\{70DD7591-AA16-4EA3-AD32-20C8AD0FF109} folder moved successfully.
C:\Users\PC\AppData\Local\{7353FC5F-F42B-4774-BF5C-B852FED785C1} folder moved successfully.
C:\Users\PC\AppData\Local\{F6DD6725-D63E-4C4B-B7DE-63980F5E4446} folder moved successfully.
C:\Users\PC\AppData\Local\{E6ABF2FD-A280-4A10-9FFA-F11408851590} folder moved successfully.
C:\Users\PC\AppData\Local\{FD7BE399-4DAA-49A1-8B48-DC8D777717C9} folder moved successfully.
C:\Users\PC\AppData\Local\{634614C4-D75B-4B87-839E-2EB827E74944} folder moved successfully.
C:\Users\PC\AppData\Local\{27AAFDFC-C7B8-42C4-92E3-055E0EBC9C39} folder moved successfully.
C:\Users\PC\AppData\Local\{2A443356-19F1-4A2E-8CF0-6C12EB222AC3} folder moved successfully.
C:\Users\PC\AppData\Local\{79D2E019-A289-4443-A28A-7020A614399C} folder moved successfully.
C:\Users\PC\AppData\Local\{07DDC23A-4E96-4210-80B5-14449503C326} folder moved successfully.
C:\Users\PC\AppData\Local\{0C577AA4-0559-480F-B048-A327EE796CCC} folder moved successfully.
C:\Users\PC\AppData\Local\{3FA364B3-C327-41E8-BC4C-E534FE293ADA} folder moved successfully.
C:\Users\PC\AppData\Local\{640EA363-A243-425E-A263-D30715CDCB4E} folder moved successfully.
C:\Users\PC\AppData\Local\{99DEA1FF-178F-45AE-9042-CBB0E0D47777} folder moved successfully.
C:\Users\PC\AppData\Local\{3F8CA39C-0A1E-4CD5-BEA5-40FB83C8480B} folder moved successfully.
C:\Users\PC\AppData\Local\{C20D7D57-9BC7-4FFD-A62A-C15735130FC0} folder moved successfully.
C:\Users\PC\AppData\Local\{F8FD399B-930C-4D26-8B83-147CB4CD5689} folder moved successfully.
C:\Users\PC\AppData\Local\{FD89645A-02E0-4CC0-9073-2659E8101112} folder moved successfully.
C:\Users\PC\AppData\Local\{EC9AAE7A-DCB7-471D-B704-BDADA3ED926A} folder moved successfully.
C:\Users\PC\AppData\Local\{A2772B43-4482-4B0A-90CB-386F42F01D07} folder moved successfully.
C:\Users\PC\AppData\Local\{844AAB1B-A0EC-4E23-B851-D49DC9761B61} folder moved successfully.
C:\Users\PC\AppData\Local\{30640AA1-9C5E-4C60-BD03-1BFAB1D8F9BD} folder moved successfully.
C:\Users\PC\AppData\Local\{9670358C-2424-43BD-827A-FD3960CDEBC9} folder moved successfully.
C:\Users\PC\AppData\Local\{4D06EFB9-6451-497F-A94D-1B9EE2B002A4} folder moved successfully.
C:\Users\PC\AppData\Local\{C08E8099-07DC-4050-8965-5EEEA61747BD} folder moved successfully.
C:\Users\PC\AppData\Local\{DF28F0E8-C953-432F-852F-D108F414BB8D} folder moved successfully.
C:\Users\PC\AppData\Local\{B162FFE1-FF52-40F7-B6F9-D6B22AB72A31} folder moved successfully.
C:\Users\PC\AppData\Local\{25FCFBE5-FE41-47D9-8953-B3DC732079CF} folder moved successfully.
C:\Users\PC\AppData\Local\{CA5F10C8-0546-4BB2-A097-48602E03FDDC} folder moved successfully.
C:\Users\PC\AppData\Local\{229428F4-6CD2-4A84-9261-CA4B67C7264D} folder moved successfully.
C:\Users\PC\AppData\Local\{7DAE0945-7BB0-4A6B-90DA-78BC25BA4F6B} folder moved successfully.
C:\Users\PC\AppData\Local\{4861FC68-CA64-46F4-99DD-D7E5589F849B} folder moved successfully.
C:\Users\PC\AppData\Local\{9405F964-1881-4CEE-B554-A81ABF55BE61} folder moved successfully.
C:\Users\PC\AppData\Local\{142491D3-5CCB-40B1-808E-D167E2F037F7} folder moved successfully.
C:\Users\PC\AppData\Local\{1E5FAAB7-3F0A-423D-AF86-178BACA5D1EF} folder moved successfully.
C:\Users\PC\AppData\Local\{F0A86C97-93B0-404D-B8C1-C47F640BC784} folder moved successfully.
C:\Users\PC\AppData\Local\{B610FE54-AD8D-41DD-9C2F-A5FCA8CAA032} folder moved successfully.
C:\Users\PC\AppData\Local\{A65F79AF-8336-4BDE-AE01-4C7FBBAF5F0C} folder moved successfully.
C:\Users\PC\AppData\Local\{2FFD11E8-684E-4668-A07E-4837AA5C4EF9} folder moved successfully.
C:\Users\PC\AppData\Local\{DD2DA2C4-A08A-4355-AFBB-82E3DF758089} folder moved successfully.
C:\Users\PC\AppData\Local\{153AB40A-2ACF-4EF9-9B2D-4956D8E466B2} folder moved successfully.
C:\Users\PC\AppData\Local\{D51B57BD-74AC-48D0-9ED5-F2B6C3288EE7} folder moved successfully.
C:\Users\PC\AppData\Local\{1DAAFAA7-A6A8-47E3-A1C4-FF91B552FF1B} folder moved successfully.
C:\Users\PC\AppData\Local\{96CD979C-39E9-4CBB-9C47-89C29C622BC4} folder moved successfully.
C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\U folder moved successfully.
C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e}\L folder moved successfully.
C:\Users\PC\AppData\Local\{c783b5ab-4acb-0500-129b-29439a59045e} folder moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.49.0 log created on 06182012_194033

Files\Folders moved on Reboot...
Folder move failed. C:\Windows\SysNative\%APPDATA% scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[/log]

log z systemLook [log]SystemLook 30.07.11 by jpshortstuff
Log created at 19:46 on 18/06/2012 by PC
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
(No values found)

[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
"ThreadingModel"="Both"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}]
@="Microsoft WBEM New Event Subsystem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
@="%systemroot%\system32\wbem\wbemess.dll"
"ThreadingModel"="Both"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}]
@="MruPidlList"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
@="%SystemRoot%\system32\shell32.dll"
"ThreadingModel"="Apartment"


========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3
C:\Windows\SysWOW64\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_2b7e5beb85a67240\services.exe --a---- 384512 bytes [02:49 21/01/2008] [02:49 21/01/2008] DFAC660F0F139276CC9299812DE42719
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_2d69d4f782c83d8c\services.exe --a---- 384512 bytes [09:26 17/08/2010] [07:10 11/04/2009] 934E0B7D77FF78C18D9F8891221B6DE3
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [02:50 21/01/2008] [02:50 21/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [09:26 17/08/2010] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B

-= EOF =-[/log]

Gość
komentarz
komentarz

Jest ładnie - wpis z rejstru usuniety, foldery również. Daj mi teraz [b]ostatni skan weryfikacyjny z OTL[/b] i przejdziemy do czynnosci końcowych.

winbooy
komentarz
komentarz

otl: [log]OTL logfile created on: 2012-06-18 19:56:29 - Run 4
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 38,11% Memory free
8,21 Gb Paging File | 5,52 Gb Available in Paging File | 67,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,26 Gb Total Space | 78,27 Gb Free Space | 52,09% Space Free | Partition Type: NTFS
Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-06-16 18:20:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\PC\Desktop\otl\OTL.exe
PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-05-11 16:33:52 | 019,858,432 | ---- | M] (Redefine Sp z o.o.) -- C:\Program Files (x86)\ipla\ipla.exe
PRC - [2012-04-27 02:13:06 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-03-07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012-03-01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012-01-19 13:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012-01-19 13:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011-11-11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2007-08-02 17:45:50 | 000,053,248 | ---- | M] (Sonic Focus, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
PRC - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007-04-03 10:30:56 | 000,995,328 | ---- | M] (AzureWave.com) -- C:\Program Files (x86)\ASUS WiFi-AP Solo\RtWLan.exe
PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-06-18 17:04:26 | 000,115,137 | ---- | M] () -- C:\Users\PC\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll
MOD - [2012-06-15 19:50:17 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012-06-13 06:46:12 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012-06-13 05:47:55 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012-06-13 05:47:40 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012-06-13 05:47:36 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012-06-13 05:47:29 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012-06-13 05:47:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\PROGRA~2\Google\Chrome\APPLIC~1\190108~1.56\gcswf32.dll
MOD - [2012-05-13 14:52:10 | 000,021,416 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-05-11 21:21:44 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012-05-11 21:20:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\31fab24c51c0cfe8b8115f24545f169f\System.Runtime.Remoting.ni.dll
MOD - [2012-05-11 21:20:13 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012-05-11 16:25:24 | 000,292,864 | ---- | M] () -- C:\Program Files (x86)\ipla\MediaFileScanner.dll
MOD - [2012-05-11 16:24:42 | 000,386,560 | ---- | M] () -- C:\Program Files (x86)\ipla\jabberoo.dll
MOD - [2012-05-11 16:22:40 | 000,156,160 | ---- | M] () -- C:\Program Files (x86)\ipla\lua.dll
MOD - [2012-05-11 16:21:52 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\ipla\ziplib.dll
MOD - [2012-05-11 07:31:34 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 07:26:57 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012-05-11 07:26:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012-05-11 07:26:50 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012-05-11 07:26:48 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012-05-11 07:26:43 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2011-07-04 19:46:26 | 000,152,160 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggzip.dll
MOD - [2011-07-04 19:46:24 | 000,270,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggwebkit.dll
MOD - [2011-07-04 19:46:22 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradiocore.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:20 | 000,111,200 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggradio.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,127,584 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcimproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:14 | 000,086,624 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gghttp.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-07-04 19:46:08 | 000,537,184 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\open-fm.exe
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,946,688 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libxml2.dll
MOD - [2011-02-17 10:59:40 | 000,438,272 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstreamer-0.10.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\libgstinterfaces-0.10.dll
MOD - [2011-02-17 10:59:40 | 000,033,098 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\iconv.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll
MOD - [2007-03-09 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\ASUS WiFi-AP Solo\EnumDevLib.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:[b]64bit:[/b] - [2010-10-21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:[b]64bit:[/b] - [2007-06-07 07:41:54 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2012-06-15 19:50:18 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-04-26 22:55:22 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-03-02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012-03-02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012-01-18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-03-30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-01-21 04:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 04:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-07-24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-03-07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-03-07 01:02:05 | 000,043,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-03-07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-02-29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-01-18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech Webcam C100(UVC)
DRV:[b]64bit:[/b] - [2010-10-05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2009-10-01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009-09-21 16:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2009-04-11 07:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2007-08-29 10:44:38 | 000,435,200 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:[b]64bit:[/b] - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL8187.sys -- (RTL8187)
DRV:[b]64bit:[/b] - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rtlprot.sys -- (RtlProt)
DRV:[b]64bit:[/b] - [2007-02-16 11:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys -- (wacommousefilter)
DRV:[b]64bit:[/b] - [2006-12-05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PFC027.SYS -- (PAC207)
DRV:[b]64bit:[/b] - [2006-11-01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2006-10-04 03:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2007-04-03 10:32:30 | 000,262,440 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtl8187.sys -- (RTL8187)
DRV - [2007-04-02 10:56:42 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\RtlProt.sys -- (RtlProt)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes,DefaultScope = {076D27D0-C78A-4A66-B52A-12D99FFF076C}
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\..\SearchScopes\{076D27D0-C78A-4A66-B52A-12D99FFF076C}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-14 20:46:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-26 22:55:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-03-24 08:52:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010-08-17 23:34:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Extensions
[2012-05-02 23:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions
[2010-08-20 20:33:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\PC\AppData\Roaming\mozilla\Firefox\Profiles\hqap91pz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-05-14 08:41:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-06-14 20:17:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-04-26 22:55:22 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-07-12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012-02-21 08:41:53 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-02-21 08:41:53 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-02-21 08:41:53 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-02-21 08:41:53 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-02-21 08:41:53 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-02-21 08:41:53 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Szukaj w Google = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Gmail = C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SoundTray] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe (Sonic Focus, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [IPLA!] C:\Program Files (x86)\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE2FB989-13FA-4066-99BA-709859E0804C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60D701E-D8B3-4FE9-8AE4-7E775635852B}: DhcpNameServer = 217.30.129.149 217.30.137.200
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-06-18 16:37:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-06-18 07:55:48 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\foty
[2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-06-16 22:13:12 | 000,000,000 | ---D | C] -- C:\rsit
[2012-06-16 18:21:47 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\otl
[2012-06-15 20:11:40 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Local\Macromedia
[2012-06-14 21:36:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012-06-14 21:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-06-14 20:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-06-14 20:47:43 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-06-14 20:47:42 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-06-14 20:47:37 | 000,043,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2012-06-14 20:47:36 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-06-14 20:47:35 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-06-14 20:47:33 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-06-14 20:47:33 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-06-14 20:46:41 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-06-14 20:46:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-06-14 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-06-14 20:17:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-06-14 19:25:58 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2012-06-14 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Malwarebytes
[2012-06-14 18:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-06-14 18:46:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-06-14 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\PC\DoctorWeb
[2012-06-14 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012-06-13 21:36:36 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Książki do reader eboka FB2
[2012-06-12 20:33:11 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012-06-12 20:33:09 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012-06-12 20:33:08 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012-06-12 20:33:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012-06-12 20:33:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012-06-12 20:33:07 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012-06-12 20:33:07 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012-06-12 20:33:07 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012-06-12 20:33:07 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012-06-12 20:33:07 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012-06-12 20:33:07 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012-06-12 20:33:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012-06-12 20:33:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012-06-12 20:33:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012-06-12 20:33:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012-06-12 20:33:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012-06-12 20:33:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012-06-12 20:33:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012-06-12 20:33:06 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012-06-12 20:33:06 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012-06-12 20:33:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012-06-12 20:33:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012-06-12 20:33:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012-06-12 20:33:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012-06-12 20:33:06 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012-06-12 20:33:06 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012-06-12 20:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012-06-12 20:33:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012-06-12 20:33:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012-06-12 20:33:00 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012-06-12 20:33:00 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012-06-11 06:13:56 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\akcesoria do smazalni
[2012-06-10 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\sklep u Oli czerwiec 2012
[2012-06-09 19:58:45 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\szkolenie Gdańsk 09062012 Z.Kubat
[2012-06-08 09:23:07 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Aloes skany
[2012-06-08 08:18:55 | 000,000,000 | ---D | C] -- C:\Users\PC\Desktop\Katalog 2011 FLP w jpg
[2012-06-01 20:27:18 | 000,000,000 | ---D | C] -- C:\Users\PC\Documents\Adobe
[2012-06-01 19:42:20 | 000,000,000 | ---D | C] -- C:\Users\PC\AppData\Roaming\NVIDIA
[2011-05-06 19:12:30 | 001,233,920 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4.dll
[2011-05-06 19:12:30 | 000,044,544 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4a.dll
[2011-04-29 13:53:20 | 000,082,432 | R--- | C] (Microsoft Corporation) -- C:\Users\PC\AppData\Roaming\msxml4r.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-06-18 19:48:19 | 001,495,500 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-18 19:48:19 | 000,672,140 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-18 19:48:19 | 000,596,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-18 19:48:19 | 000,130,548 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-18 19:48:19 | 000,104,110 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-18 19:42:33 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012-06-18 19:42:33 | 000,172,157 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012-06-18 19:42:14 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-18 19:42:14 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-18 19:42:12 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-18 19:42:09 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2012-06-18 19:42:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-18 19:42:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012-06-18 19:40:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-06-18 19:21:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-18 19:07:03 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-18 11:10:11 | 000,000,230 | ---- | M] () -- C:\fix.BAT
[2012-06-18 06:43:37 | 000,574,179 | ---- | M] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg
[2012-06-18 06:29:37 | 000,000,680 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2012-06-16 07:36:39 | 000,002,828 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012-06-16 01:49:26 | 000,030,664 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:43:42 | 000,011,887 | ---- | M] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-15 19:50:18 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-15 19:50:18 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-14 21:55:39 | 005,043,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-14 20:47:47 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-06-14 07:47:05 | 000,001,460 | ---- | M] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat
[2012-06-13 06:32:49 | 000,023,758 | ---- | M] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | M] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,020,802 | ---- | M] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-12 15:01:37 | 000,100,851 | ---- | M] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-12 07:44:04 | 000,360,136 | ---- | M] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:59 | 000,026,533 | ---- | M] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | M] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | M] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | M] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | M] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-03 17:42:32 | 000,076,910 | ---- | M] () -- C:\Windows\FontData.fdb
[2012-06-01 20:27:49 | 000,158,208 | ---- | M] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-05-21 08:18:41 | 000,415,621 | ---- | M] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-18 11:10:10 | 000,000,230 | ---- | C] () -- C:\fix.BAT
[2012-06-18 06:43:35 | 000,574,179 | ---- | C] () -- C:\Users\PC\Desktop\raport_skan_dr_web.jpg
[2012-06-16 01:49:25 | 000,030,664 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_NEPTUN_krzywe.cdr
[2012-06-16 01:45:08 | 000,100,851 | ---- | C] () -- C:\Users\PC\Desktop\neptun.eps
[2012-06-16 01:43:42 | 000,011,887 | ---- | C] () -- C:\Users\PC\Desktop\znaki parkingowe_wersja2_krzywe.cdr
[2012-06-14 20:47:47 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-06-14 20:47:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012-06-13 06:32:49 | 000,020,802 | ---- | C] () -- C:\Users\PC\Desktop\Kopia_zapasowa_nakladka_pilot_okulary_13062012.cdr
[2012-06-13 06:22:08 | 001,272,603 | ---- | C] () -- C:\Users\PC\Desktop\grafika_nakladka_naqubik_okulary_06062012_poprawka1106.pdf
[2012-06-13 06:07:27 | 000,023,758 | ---- | C] () -- C:\Users\PC\Desktop\nakladka_pilot_okulary_13062012.cdr
[2012-06-12 07:44:01 | 000,360,136 | ---- | C] () -- C:\Users\PC\Desktop\zamowienie_12062012.jpg
[2012-06-10 18:38:54 | 000,026,533 | ---- | C] () -- C:\Users\PC\Desktop\Rysunek1.eps
[2012-06-05 21:00:34 | 000,138,527 | ---- | C] () -- C:\Users\PC\Desktop\MLM.pdf
[2012-06-05 20:22:33 | 001,683,614 | ---- | C] () -- C:\Users\PC\Desktop\Product_Brochure_Polish.pdf
[2012-06-05 19:51:35 | 000,088,322 | ---- | C] () -- C:\Users\PC\Desktop\IdCard.pdf
[2012-06-03 23:18:48 | 003,701,146 | ---- | C] () -- C:\Users\PC\Desktop\katalog10_2011.pdf
[2012-06-01 19:57:45 | 000,001,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2012-06-01 19:57:01 | 000,001,067 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2012-06-01 19:56:03 | 000,001,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012-06-01 19:55:59 | 000,001,350 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012-05-21 08:18:41 | 000,415,621 | ---- | C] () -- C:\Users\PC\Desktop\Przedsiębiorstwa w ramach MLM.pdf
[2012-01-18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012-01-18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012-01-18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011-10-04 19:55:57 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011-09-18 22:06:48 | 000,001,496 | ---- | C] () -- C:\Users\PC\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2011-03-02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-03-02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-03-02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-03-02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-03-02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2010-09-21 21:32:00 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-09-09 18:42:58 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4808029583.sys
[2010-09-09 18:42:57 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-08-17 23:42:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-08-17 23:34:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-08-17 12:21:50 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010-08-17 11:27:38 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010-08-17 11:27:02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010-08-17 11:26:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010-08-17 10:00:47 | 000,158,208 | ---- | C] () -- C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-16 17:12:48 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010-08-16 17:12:47 | 000,172,157 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010-08-16 16:56:43 | 000,000,680 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps.dat
[2010-08-16 16:51:50 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010-08-16 16:34:32 | 000,001,460 | ---- | C] () -- C:\Users\PC\AppData\Local\d3d9caps64.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011-03-04 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011-10-07 20:13:12 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\cryptlib
[2011-09-14 08:29:17 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\FileZilla
[2010-08-17 23:53:09 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Gadu-Gadu 10
[2012-02-16 16:16:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\GG
[2012-06-18 19:42:39 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\ipla
[2011-08-06 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\IrfanView
[2011-10-15 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Leadertech
[2010-09-08 21:45:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenFM
[2010-08-17 10:32:35 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\OpenOffice.org
[2010-11-16 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\RDRM
[2012-05-13 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Samsung
[2010-09-09 21:35:46 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012-04-17 07:19:20 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\TeamViewer
[2012-05-14 21:50:24 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Temp
[2011-06-14 23:55:32 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Thinstall
[2012-04-02 23:20:18 | 000,000,000 | ---D | M] -- C:\Users\PC\AppData\Roaming\Windows Live Writer
[2012-06-18 19:42:09 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job
[2012-06-18 19:40:50 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\PC\Desktop\SNC02502.mp4:TOC.WMV

< End of report >

[/log]

extras: [log]OTL Extras logfile created on: 2012-06-18 19:56:29 - Run 4
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\PC\Desktop\otl
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 38,11% Memory free
8,21 Gb Paging File | 5,52 Gb Available in Paging File | 67,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,26 Gb Total Space | 78,27 Gb Free Space | 52,09% Space Free | Partition Type: NTFS
Drive D: | 781,25 Gb Total Space | 257,74 Gb Free Space | 32,99% Space Free | Partition Type: NTFS

Computer Name: PC-PC | User Name: PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\cs6\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 63 A2 6C 66 0C 48 CB 01 [binary data]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3427946872-3053539125-2350841564-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7F05E704-30A6-421A-97A7-8EEB1C7FF011}" = Corel Shell Extension - 64Bit
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Bamboo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6834B8AE-D23B-4B26-A919-6515844CF2BA}" = CorelDRAW Graphics Suite X4 - Lang PL
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1045-7B44-A93000000001}" = Adobe Reader 9.3 - Polish
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BE686891-3C56-4714-AFEF-341A7867BA80}" = ASUS WiFi-AP Solo
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A6D02F-3CBB-4FBF-8F65-C3A6D721E8A4}" = OpenOffice.org 3.2
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{ED0FB0C1-CD06-4C29-B903-8A91D4BF5B61}_is1" = NexusFile (5.3.1.5460)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Clownfish" = Clownfish for Skype
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.0
"flashFONT" = flashFONT
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"ipla" = ipla 2.3.5
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.61.0.1400
"Mechanical Clock 3D Screensaver_is1" = Mechanical Clock 3D Screensaver 1.0
"Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"QuicktimeAlt_is1" = QuickTime Alternative 3.1.1
"RealAlt_is1" = Real Alternative 2.0.2
"SkanerOnline" = Skaner on-line mks_vir
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Winamp" = Winamp
"WinLiveSuite" = Podstawowe programy Windows Live

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3427946872-3053539125-2350841564-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-02-08 02:55:53 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 2012-02-08 02:55:54 | Computer Name = PC-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 2012-02-08 05:26:24 | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

Error - 2012-02-08 05:55:15 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 16b4 Godzina rozpoczęcia: 01cce6468e63c29e
Godzina
zakończenia: 12

Error - 2012-02-08 06:00:10 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 14c8 Godzina rozpoczęcia: 01cce647c336991e
Godzina
zakończenia: 11

Error - 2012-02-08 06:05:22 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program CORELDRW.EXE w wersji 14.0.0.567 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 1798 Godzina rozpoczęcia: 01cce6487ac5909e
Godzina
zakończenia: 15

Error - 2012-02-08 09:15:17 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE w wersji 0.0.0.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: 1e68 Godzina rozpoczęcia: 01cce6638867e7fe
Godzina
zakończenia: 15

Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk(1).exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error - 2012-02-08 09:15:47 | Computer Name = PC-PC | Source = SideBySide | ID = 16842830
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\PC\Downloads\esetsmartinstaller_plk.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error - 2012-02-08 09:39:01 | Computer Name = PC-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 2011-02-16 16:35:21 | Computer Name = PC-PC | Source = Media Center Guide | ID = 0
Description = Informacje o zdarzeniu: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Nazwa obiektu: Media Center
Guide

[ System Events ]
Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-06-18 13:02:22 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7003
Description =

Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-06-18 13:43:44 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

[/log]

Oby teraz czysto było :prosi:

Gość
komentarz
komentarz

Skasuj ręcznie ten folder.

C:\Windows\SysNative\%APPDATA%

jest ukryty więc musisz właczyć pokazywanie ukrytych plików i folderów. Po usunieci zrób restart i sprawdź czy to bydle się pojawia. Jak coś to wejdź w awaryjny i powtórz operację usuwania. Tak poza tym czysto. Czekam na odpowiedź

winbooy
komentarz
komentarz (edytowane)

Nie mogłem usunąć, ponieważ nie widzę/ nie mam tego katalogu SysNative. Ustawiłem pokazywanie ukrytych folderów, oraz pokazywanie folderów systemowych. Lookałem w zwykłym trybie, oraz podczas uruchomienia awaryjnego.

Na potwierdzenie wrzucam zdj z folderu "Windows" [url="http://postimage.org/image/yxksglthn/"][img]http://s17.postimage.org/yxksglthn/20120618_205350.jpg[/img][/url]

Gość
komentarz
komentarz

Uruchom Systemlook i w okno wklej

[code]:folderfind
C:\Windows\SysNative\%APPDATA%[/code]

Kliknij w Look. Przedstaw raport

winbooy
komentarz
komentarz

Ok. wklejam raport: [log]SystemLook 30.07.11 by jpshortstuff
Log created at 21:18 on 18/06/2012 by PC
Administrator - Elevation successful

========== folderfind ==========

Searching for "C:\Windows\SysNative\%APPDATA%"
No folders found.

-= EOF =-[/log]

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.