x-kom hosting

0x8007042c prosze o pomoc

Janek92brum
utworzono
utworzono (edytowane)

Otóż mam problem z zaporą sieci windows , jestem laikiem w tego typu tematach . Jakiś czas temu chciałem coś sprawdzić z zaporą i natknąłem się na ten komunikat " zapora windows nie moze zmienic nie których ustawień kod błędu :0x8007042c " próbowałem nie których metod z tąd [url="http://answers.microsoft.com/en-us/windows/forum/windows_7-security/windows-firewall-cant-change-some-of-your-settings/2679690e-c375-4232-ae45-404374386635?page=5&tm=1353882164855"]http://answers.micro...m=1353882164855[/url] ale nawet plik services który jest czasem wymagany nie chce się włączyć ( włączając go jako admin) , proszę o pomoc z góry dzięki
i logi
Extras
[log]OTL Extras logfile created on: 2012-11-25 23:35:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,55 Gb Available Physical Memory | 70,36% Memory free
15,78 Gb Paging File | 13,20 Gb Available in Paging File | 83,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 48,69 Gb Free Space | 17,42% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 44,54 Gb Free Space | 11,29% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E5CBD3-73E3-410D-890D-D3F48B2653A6}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}" = Windows Live Family Safety
"{0F872589-F781-4EAF-9CBC-BF6A9809F17D}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19E42E62-8C05-42DE-9DC4-C606F9F8927B}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E8F990F-A140-47D4-B266-402E9CF96FC3}" = Windows Live Family Safety
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}" = Windows Live Family Safety
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B96C4CA9-FA40-490C-B3BB-50F84A44694E}" = Windows Live Family Safety
"{BCA3DCDA-170A-44DB-A888-78105ABACF43}" = Windows Live Family Safety
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8F30372-43E3-4720-ABDE-11C95E562B71}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-X64 10.5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{938CFBD4-0652-49E5-BB8B-153948865941}" = ASUS Virtual Touch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALL YouTube Downloader_is1" = ALL YouTube Downloader
"ALLPlayer_is1" = ALLPlayer V5.X
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUSscr_K_NoSound" = ASUSscr_K_NoSound
"AVG Secure Search" = AVG Security Toolbar
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"LiveVDO plugin" = LiveVDO plugin 1.3
"Minecraft Cracked" = Minecraft Cracked
"Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl)
"Mozilla Thunderbird 14.0 (x86 pl)" = Mozilla Thunderbird 14.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"Origin" = Origin
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Sleeping Dogs_is1" = Sleeping Dogs version 1.4
"StartNow Toolbar" = StartNow Toolbar
"Steam App 56400" = Warhammer® 40,000™: Dawn of War® II – Retribution™
"Uplay" = Uplay
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-24 01:46:43 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3993

Error - 2012-11-24 01:46:44 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-24 01:46:44 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4992

Error - 2012-11-24 01:46:44 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4992

Error - 2012-11-25 06:21:22 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-25 14:32:29 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-25 14:38:51 | Computer Name = Łuczewskipc | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: swtor.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x50a55767 Nazwa modułu powodującego błąd: MSVCR90.dll, wersja: 9.0.30729.6161,
sygnatura czasowa: 0x4dace5b9 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0003734d
Identyfikator
procesu powodującego błąd: 0xf40 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdcb3b2a6a38e8 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Electronic
Arts\BioWare\Star Wars-The Old Republic\swtor\RetailClient\swtor.exe Ścieżka modułu
powodującego błąd: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Identyfikator
raportu: 5aebf110-372f-11e2-8e36-0008caf29752

Error - 2012-11-25 14:38:51 | Computer Name = Łuczewskipc | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: swtor.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x50a55767 Nazwa modułu powodującego błąd: MemoryMan.dll, wersja: 0.0.0.0,
sygnatura czasowa: 0x50a552b2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00005883
Identyfikator
procesu powodującego błąd: 0x1450 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdcb3b2c4e694f Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Electronic
Arts\BioWare\Star Wars-The Old Republic\swtor\RetailClient\swtor.exe Ścieżka modułu
powodującego błąd: C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The
Old Republic\swtor\RetailClient\MemoryMan.dll Identyfikator raportu: 5aec1820-372f-11e2-8e36-0008caf29752

Error - 2012-11-25 17:59:13 | Computer Name = Łuczewskipc | Source = Application Hang | ID = 1002
Description = Program HMA.exe w wersji 1.0.433.1 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: ff8 Godzina rozpoczęcia: 01cdcb57139b439e Godzina zakończenia:
666 Ścieżka aplikacji: C:\Program Files (x86)\Hitman Absolution\HMA.exe Identyfikator
raportu:

Error - 2012-11-25 18:10:29 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


[ System Events ]
Error - 2012-11-13 12:04:01 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-13 12:04:01 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-14 04:25:31 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-14 04:25:31 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-14 04:25:34 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy
aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-14 04:25:34 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-14 04:27:25 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-14 04:27:25 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-14 14:09:35 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-14 14:09:35 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891


< End of report >
[/log]
i teraz OTL
[log]OTL logfile created on: 2012-11-25 23:35:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,55 Gb Available Physical Memory | 70,36% Memory free
15,78 Gb Paging File | 13,20 Gb Available in Paging File | 83,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 48,69 Gb Free Space | 17,42% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 44,54 Gb Free Space | 11,29% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
PRC - [2012-11-25 23:00:34 | 000,046,080 | ---- | M] (HEWGBhyj HJERe) -- C:\Users\Łuczewski\Documents\Windows\winsuchost.exe
PRC - [2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\msdata\explorer.exe
PRC - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-11-08 22:20:30 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-09-09 23:30:34 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2012-08-20 08:39:39 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012-08-11 16:43:06 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-06-22 17:11:10 | 001,021,840 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012-06-22 14:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
PRC - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012-03-04 21:22:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 02:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012-01-04 13:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
PRC - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009-07-14 02:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
MOD - [2012-11-25 23:00:38 | 000,360,448 | ---- | M] (UREhfuie UIERhfuie) -- C:\Users\Łuczewski\Documents\Windows\usft_ext.dll
MOD - [2012-11-25 23:00:36 | 000,271,360 | ---- | M] (URIfheu EURIfhe) -- C:\Users\Łuczewski\Documents\Windows\miner.dll
MOD - [2012-11-25 23:00:34 | 000,046,080 | ---- | M] (HEWGBhyj HJERe) -- C:\Users\Łuczewski\Documents\Windows\winsuchost.exe
MOD - [2012-11-08 22:20:30 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012-11-08 22:20:30 | 000,566,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012-11-08 22:20:30 | 000,134,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-10-31 23:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
MOD - [2012-10-31 23:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012-10-31 23:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012-10-31 23:13:47 | 000,587,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012-10-31 23:13:46 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012-10-31 23:13:44 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\icudt.dll
MOD - [2012-10-31 23:13:37 | 041,741,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\chrome.dll
MOD - [2012-10-31 23:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012-10-31 23:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012-10-31 23:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll
MOD - [2012-10-25 15:27:17 | 000,278,352 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\crashhandler.dll
MOD - [2012-10-25 15:27:16 | 006,839,632 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steamclient.dll
MOD - [2012-10-25 15:27:16 | 000,237,904 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\tier0_s.dll
MOD - [2012-10-25 15:27:16 | 000,212,304 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\vstdlib_s.dll
MOD - [2012-10-25 15:27:16 | 000,122,864 | ---- | M] (Valve) -- C:\Program Files (x86)\Steam\CSERHelper.dll
MOD - [2012-10-25 15:27:11 | 000,659,792 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
MOD - [2012-10-25 15:27:10 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-10-25 15:27:10 | 001,744,720 | ---- | M] (Valve Corporation) -- c:\program files (x86)\steam\bin\serverbrowser.dll
MOD - [2012-10-25 15:27:07 | 009,955,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Steam\bin\icudt.dll
MOD - [2012-10-25 15:27:05 | 002,340,176 | ---- | M] (Valve Corporation) -- c:\program files (x86)\steam\bin\friendsui.dll
MOD - [2012-10-25 15:27:05 | 000,168,272 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\filesystem_steam.DLL
MOD - [2012-10-25 15:27:04 | 002,975,568 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.dll
MOD - [2012-10-25 15:27:04 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-10-25 15:27:04 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012-10-25 15:27:04 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-10-25 15:27:04 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-10-25 15:27:02 | 004,061,008 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\SteamUI.dll
MOD - [2012-10-25 15:27:02 | 001,039,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Steam\DbgHelp.dll
MOD - [2012-10-11 21:56:24 | 000,124,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MOD - [2012-10-11 21:56:20 | 000,043,408 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MOD - [2012-10-11 21:56:12 | 001,079,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MOD - [2012-10-11 21:56:08 | 000,075,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2012-09-10 00:06:48 | 000,050,064 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.DLL
MOD - [2012-09-09 23:30:36 | 000,048,528 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MOD - [2012-09-09 23:30:34 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
MOD - [2012-09-09 23:30:34 | 000,156,560 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.dll
MOD - [2012-08-24 07:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-08-24 07:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-08-24 07:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-08-20 08:39:39 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
MOD - [2012-08-11 16:43:16 | 001,447,824 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-22 17:11:10 | 001,021,840 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-06-02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012-06-02 05:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
MOD - [2012-05-30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 19:06:34 | 000,456,552 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MOD - [2012-05-30 19:06:32 | 000,053,608 | ---- | M] (Open Source Software community project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MOD - [2012-05-30 19:06:30 | 001,292,136 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
MOD - [2012-05-30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012-05-30 19:06:30 | 000,923,496 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
MOD - [2012-05-30 19:06:28 | 016,303,976 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
MOD - [2012-05-30 19:06:20 | 002,463,632 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012-04-24 05:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-04-24 05:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-04-07 17:32:56 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012-04-07 17:32:56 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012-04-07 17:23:37 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-04-07 17:23:37 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-03-04 21:22:00 | 005,920,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuda.dll
MOD - [2012-03-04 21:22:00 | 002,316,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2012-03-04 21:22:00 | 000,813,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvumdshim.dll
MOD - [2012-03-04 21:22:00 | 000,236,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll
MOD - [2012-03-04 21:22:00 | 000,215,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
MOD - [2012-03-04 21:22:00 | 000,182,080 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll
MOD - [2012-03-04 21:22:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-03-01 06:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-22 08:18:14 | 006,120,960 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumd32.dll
MOD - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
MOD - [2012-02-07 05:12:52 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
MOD - [2012-01-30 22:32:18 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\USBChargerPlus\mfc100u.dll
MOD - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-21 22:15:56 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\MSVCR100.dll
MOD - [2011-12-21 22:15:56 | 000,068,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.dll
MOD - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-10-19 22:44:44 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-10-19 22:44:44 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-10-19 22:41:53 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-10-19 22:38:36 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-10-19 22:38:36 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-10-19 22:38:36 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-10-19 22:24:29 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
MOD - [2011-08-30 22:05:04 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\SysWOW64\dnssd.dll
MOD - [2011-08-30 22:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-06-11 09:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\USBChargerPlus\MSVCR100.dll
MOD - [2011-03-29 04:31:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2010-11-20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 13:21:40 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 13:21:40 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010-11-20 13:21:38 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 13:21:38 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-20 13:21:38 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 13:21:38 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 13:21:38 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 13:21:36 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 13:21:36 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-20 13:21:36 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 13:21:34 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 13:21:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 13:21:28 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 13:21:28 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 13:21:26 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2010-11-20 13:21:26 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 13:21:20 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 13:21:16 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 13:21:16 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 13:21:06 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 13:21:04 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 13:21:04 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 13:20:58 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 13:20:52 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll
MOD - [2010-11-20 13:20:50 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 13:20:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 13:20:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010-11-20 13:19:56 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll
MOD - [2010-11-20 13:19:48 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2010-11-20 13:19:48 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-20 13:19:46 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 13:19:46 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 13:19:40 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 13:19:34 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010-11-20 13:19:24 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 13:19:06 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 13:19:04 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 13:19:02 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 13:19:02 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010-11-20 13:18:28 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 13:18:26 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-20 13:18:26 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 13:18:26 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 13:18:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 13:18:24 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 13:18:10 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010-11-20 13:18:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 13:18:04 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 13:18:04 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 13:16:52 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 13:16:52 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 13:08:58 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 13:08:52 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 13:08:52 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 12:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-05-26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 02:16:17 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009-07-14 02:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FirewallAPI.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
MOD - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:[b]64bit:[/b] - [2011-03-04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-09-17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-21 12:00:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-16 21:09:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-06-22 14:55:48 | 000,265,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-03-04 21:22:00 | 002,458,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 08:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011-12-29 23:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-05-31 05:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012-03-04 21:22:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 08:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 03:31:14 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-19 19:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-01-11 05:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-28 08:15:50 | 000,292,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-23 04:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-12-21 22:15:56 | 000,035,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-11-08 03:48:28 | 000,016,512 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://asus.msn.com"]http://asus.msn.com[/url]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox"]http://www.bing.com/...rc=IE-SearchBox[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=2&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752"]http://startsear.ch/...98-0008caf29752[/url]
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox"]http://www.bing.com/...rc=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}"]http://startsear.ch/...q={searchTerms}[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://asus.msn.com"]http://asus.msn.com[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://asus.msn.com"]http://asus.msn.com[/url]

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://asus.msn.com"]http://asus.msn.com[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="https://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21"]https://isearch.avg....sa&d=2012-06-21[/url] 16:26:30&v=12.2.5.32&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [url="http://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21"]http://isearch.avg.c...sa&d=2012-06-21[/url] 16:26:30&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = [url="http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120711&user_guid=AFCCE6B745DF4E30BBBF417FDD48D994&machine_id=ec080796f5004ab7455755a0b4f5c227&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}"]http://klit.startnow...eferrer:source}[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}"]http://startsear.ch/...q={searchTerms}[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{98DB4022-589B-40F9-B822-84C3AD18B2CD}: "URL" = [url="https://isearch.avg.com/search?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21"]https://isearch.avg....sa&d=2012-06-21[/url] 16:26:30&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {862FF4F2-E810-11E0-8FEF-D73D4824019B}:1.1.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011-10-20 00:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 22:20:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-11-07 23:29:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]

[2012-06-21 21:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Extensions
[2012-11-25 23:33:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions
[2012-08-30 10:29:32 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012-11-15 15:38:29 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-11-08 00:06:48 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org
[2012-11-08 00:07:04 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-06-22 17:10:04 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-10-28 12:28:23 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-11-25 23:33:20 | 000,150,412 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-06-07 20:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\conduit.xml
[2012-09-15 20:34:56 | 000,000,792 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\startsear.xml
[2012-07-11 17:06:27 | 000,001,390 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\yahoo-zugo.xml
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.XPI
[2012-11-16 21:09:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-10-27 14:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012-06-15 00:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-08 22:20:31 | 000,003,574 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-15 00:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 00:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 00:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 00:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 00:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Another Update = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bipiocmkdofpgpdebagkjpgcpbjmbgkn\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: uTorrentControl2 = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.17.1_0\
CHR - Extension: LiveVDO plugin = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Gmail = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test64.dll ()
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:[b]64bit:[/b] - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test32.dll ()
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [6] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLCinema)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [CommandUtilities] C:\Users\Łuczewski\Documents\Windows\svuhost.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsStartupKit] C:\Users\Łuczewski\Documents\Windows\mcheck.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Winlogon] C:\Users\Łuczewski\Documents\Windows\svchostu.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
F3:[b]64bit:[/b] - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL)
F3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDAE1432-797B-4373-8C50-8015FD4769B8}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-30 00:28:45 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpReg: [b]ACMON[/b] - hkey= - key= - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
MsConfig:64bit - StartUpReg: [b]ASUS Screen Saver Protector[/b] - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: [b]CLMLServer[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig:64bit - StartUpReg: [b]RTHDVCPL[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - Service
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - Service
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-11-25 23:00:43 | 000,000,000 | R--D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-11-25 22:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution
[2012-11-25 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Desktop\notatki fizyka
[2012-11-24 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Windows
[2012-11-23 00:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-23 00:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-22 17:42:35 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed III
[2012-11-22 17:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012-11-22 01:33:09 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\msdata
[2012-11-21 22:52:16 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\Drivers
[2012-11-21 12:45:20 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-11-21 12:22:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-11-21 11:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\SWTOR
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\HeroBlade Logs
[2012-11-16 21:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012-11-16 21:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-11-16 21:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-08 00:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader
[2012-11-08 00:06:08 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Programs
[2012-11-08 00:00:52 | 000,000,000 | ---D | C] -- C:\ASUS WebStorage
[2012-11-07 23:59:45 | 000,000,000 | ---D | C] -- C:\AVG Secure Search
[2012-11-07 23:59:42 | 000,000,000 | ---D | C] -- C:\Urządzenia Bluetooth
[2012-11-07 23:59:36 | 000,000,000 | ---D | C] -- C:\Atheros
[2012-11-07 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-07 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012-11-07 23:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-07 23:27:52 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012-11-07 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012-10-28 16:05:51 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Ubisoft Game Launcher
[2012-10-28 16:05:48 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed Revelations
[2012-10-28 15:00:22 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012-10-28 15:00:22 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012-10-28 15:00:22 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012-10-28 15:00:22 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012-10-28 15:00:22 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012-10-28 15:00:22 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012-10-28 15:00:22 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012-10-28 15:00:21 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012-10-28 15:00:21 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012-10-28 15:00:21 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012-10-28 15:00:21 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012-10-28 15:00:21 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012-10-28 15:00:21 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012-10-28 15:00:21 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012-10-28 15:00:20 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012-10-28 15:00:20 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012-10-28 15:00:20 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012-10-28 15:00:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012-10-28 15:00:20 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012-10-28 15:00:20 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012-10-28 15:00:20 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012-10-28 15:00:20 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012-10-28 15:00:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012-10-28 15:00:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012-10-28 15:00:19 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012-10-28 15:00:18 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012-10-28 15:00:18 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012-10-28 15:00:17 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012-10-28 15:00:17 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012-10-28 15:00:16 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012-10-28 15:00:16 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012-10-28 15:00:16 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012-10-28 15:00:16 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012-10-28 15:00:15 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012-10-28 15:00:15 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012-10-28 15:00:12 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012-10-28 15:00:12 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012-10-28 15:00:12 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012-10-28 15:00:12 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012-10-28 15:00:12 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012-10-28 15:00:11 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012-10-28 15:00:11 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012-10-28 15:00:11 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012-10-28 15:00:11 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012-10-28 15:00:10 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012-10-28 15:00:10 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012-10-28 15:00:10 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012-10-28 15:00:09 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012-10-28 15:00:09 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012-10-28 15:00:09 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012-10-28 15:00:09 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012-10-28 15:00:09 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012-10-28 15:00:09 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012-10-28 15:00:08 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012-10-28 15:00:08 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012-10-28 15:00:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012-10-28 15:00:08 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012-10-28 15:00:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012-10-28 15:00:08 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012-10-28 15:00:08 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012-10-28 15:00:08 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012-10-28 15:00:08 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012-10-28 15:00:08 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012-10-28 15:00:07 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012-10-28 15:00:07 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012-10-28 15:00:06 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012-10-28 15:00:06 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012-10-28 15:00:06 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012-10-28 15:00:06 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012-10-28 15:00:06 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012-10-28 15:00:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012-10-28 15:00:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012-10-28 15:00:05 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012-10-28 15:00:05 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012-10-28 15:00:04 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012-10-28 15:00:04 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012-10-28 15:00:04 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012-10-28 15:00:04 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012-10-28 15:00:03 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012-10-28 15:00:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012-10-28 15:00:02 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012-10-28 15:00:02 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012-10-28 15:00:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012-10-28 15:00:02 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012-10-28 15:00:02 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012-10-28 15:00:02 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012-10-28 15:00:01 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012-10-28 15:00:01 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012-10-28 15:00:01 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012-10-28 15:00:01 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012-10-28 14:59:59 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012-10-28 14:59:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012-10-28 14:59:58 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012-10-28 14:59:58 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012-10-28 14:59:58 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012-10-28 14:59:58 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012-10-28 14:59:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012-10-28 14:59:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012-10-28 14:59:56 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012-10-28 14:59:56 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012-10-28 14:59:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012-10-28 14:59:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012-10-28 14:59:55 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012-10-28 14:59:55 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012-10-28 14:59:55 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012-10-28 14:59:55 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012-10-28 14:59:54 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012-10-28 14:59:54 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012-10-28 14:59:53 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012-10-28 14:59:53 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012-10-28 14:59:53 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012-10-28 14:59:53 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012-10-28 14:59:52 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012-10-28 14:59:52 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012-10-28 14:59:52 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012-10-28 14:59:52 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012-10-28 14:59:51 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012-10-28 14:59:51 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012-10-28 14:59:51 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012-10-28 14:59:51 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012-10-28 14:59:50 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012-10-28 14:59:50 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012-10-28 14:59:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012-10-28 14:59:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012-10-28 14:59:50 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012-10-28 14:59:50 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012-10-28 14:59:48 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012-10-28 14:59:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012-10-28 14:59:48 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012-10-28 14:59:48 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012-10-28 14:59:48 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012-10-28 14:59:48 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012-10-28 14:59:47 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012-10-28 14:59:47 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012-10-28 14:59:46 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012-10-28 14:59:46 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012-10-28 14:59:46 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012-10-28 14:59:46 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012-10-28 14:59:45 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012-10-28 14:59:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012-10-28 14:59:44 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012-10-28 14:59:44 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012-10-28 14:59:44 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012-10-28 14:59:44 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012-10-28 14:59:44 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012-10-28 14:59:44 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012-10-28 14:59:43 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012-10-28 14:59:43 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012-10-28 14:59:42 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012-10-28 14:59:42 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012-10-28 14:59:36 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012-10-28 14:59:36 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012-10-28 14:59:35 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012-10-28 14:59:35 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012-10-28 14:59:35 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012-10-28 14:59:35 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012-10-28 14:59:34 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012-10-28 14:59:34 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012-10-28 14:59:33 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012-10-28 14:59:33 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012-10-28 14:59:32 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012-10-28 14:59:32 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012-10-28 14:59:30 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012-10-28 14:59:30 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012-10-28 14:59:29 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012-10-28 14:59:29 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012-10-28 14:59:28 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012-10-28 14:59:28 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012-10-28 11:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-10-27 16:52:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\PunkBuster
[2012-10-27 16:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012-10-25 03:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2012-10-25 03:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2012-10-13 14:14:20 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\ElevatedDiagnostics
[2012-10-08 15:08:11 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\FIFA 13
[2012-10-07 12:29:41 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\vlc
[2012-10-07 12:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012-10-07 12:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012-10-06 21:14:20 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\FIFA 11
[2012-10-06 21:11:36 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Leadertech
[2012-09-29 12:16:20 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012-09-29 12:16:10 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012-09-29 12:16:10 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012-09-29 12:16:10 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-11-25 23:25:16 | 000,007,118 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Nowy dokument dziennika (2).jnt
[2012-11-25 23:07:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-25 23:07:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-25 23:06:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-25 23:00:28 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-11-25 23:00:27 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-25 23:00:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-25 23:00:12 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-25 22:42:08 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-25 18:51:42 | 000,096,768 | ---- | M] () -- C:\Windows\test64.dll
[2012-11-25 18:51:42 | 000,084,992 | ---- | M] () -- C:\Windows\test32.dll
[2012-11-25 12:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-11-23 00:39:57 | 000,002,301 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe
[2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-21 12:45:18 | 000,001,207 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Uplay.lnk
[2012-11-21 12:00:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-11-21 12:00:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-16 21:38:03 | 000,001,441 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:55:31 | 001,694,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-09 14:55:31 | 000,749,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-09 14:55:31 | 000,664,012 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-09 14:55:31 | 000,158,582 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-09 14:55:31 | 000,125,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-09 14:51:03 | 001,363,641 | ---- | M] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012-11-08 00:07:15 | 000,000,976 | ---- | M] () -- C:\Users\Łuczewski\Desktop\NapiProjekt.lnk
[2012-11-08 00:07:04 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-08 00:07:00 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\ALL Media Server.lnk
[2012-11-08 00:06:53 | 000,001,025 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ALLPlayer.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-29 12:18:14 | 000,001,384 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Play Assassin's Creed Revelations.lnk
[2012-10-25 03:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2012-10-25 03:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2012-10-12 22:28:23 | 000,189,774 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Rozciąganie.pdf
[2012-10-07 12:29:11 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012-10-03 17:04:32 | 000,006,690 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Nowy dokument dziennika.jnt
[2012-09-29 12:33:58 | 000,032,688 | ---- | M] () -- C:\Users\Łuczewski\Desktop\PowtarzanieSem_136603.pdf
[2012-09-29 12:16:07 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012-09-29 12:16:06 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012-09-29 12:16:06 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012-09-29 12:16:06 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012-09-29 12:16:06 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012-09-29 12:16:06 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-25 23:25:07 | 000,007,118 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Nowy dokument dziennika (2).jnt
[2012-11-23 00:39:57 | 000,002,301 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe
[2012-11-21 12:45:18 | 000,001,207 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Uplay.lnk
[2012-11-16 21:38:03 | 000,001,441 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:51:02 | 001,363,641 | ---- | C] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 00:07:04 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-06 20:14:24 | 000,096,768 | ---- | C] () -- C:\Windows\test64.dll
[2012-11-06 20:14:24 | 000,084,992 | ---- | C] () -- C:\Windows\test32.dll
[2012-11-03 21:04:08 | 000,000,865 | ---- | C] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-29 12:18:14 | 000,001,384 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Play Assassin's Creed Revelations.lnk
[2012-10-27 16:52:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-10-15 22:39:28 | 000,549,526 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz27_01.pdf
[2012-10-15 22:39:28 | 000,326,319 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz33_01.pdf
[2012-10-15 22:39:28 | 000,206,389 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz29A_01.pdf
[2012-10-15 22:39:28 | 000,167,468 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz28_01.pdf
[2012-10-15 22:39:28 | 000,146,218 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz29_01.pdf
[2012-10-15 22:39:28 | 000,132,546 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz35_01.pdf
[2012-10-15 22:39:28 | 000,122,541 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz31_01.pdf
[2012-10-15 22:39:28 | 000,116,200 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz30_01.pdf
[2012-10-15 22:39:28 | 000,096,217 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz34_01.pdf
[2012-10-12 22:28:19 | 000,189,774 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Rozciąganie.pdf
[2012-10-07 12:29:11 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012-09-29 12:33:58 | 000,032,688 | ---- | C] () -- C:\Users\Łuczewski\Desktop\PowtarzanieSem_136603.pdf
[2012-07-11 17:06:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-06-21 16:58:37 | 000,000,380 | ---- | C] () -- C:\Users\Łuczewski\AppData\Roaming\sp_data.sys
[2012-06-21 15:24:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-21 15:24:40 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-03-13 10:08:55 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-03-13 10:08:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-03-13 10:08:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-13 10:08:45 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-10-20 00:00:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011-10-19 23:42:45 | 001,719,502 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012-11-25 23:00:25 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012-11-25 23:00:25 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-2425613530-3582171222-2280058672-1001\$671c68d993da727758a32c6e0ca12e1b\n. -- File not found

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\$RECYCLE.BIN\S-1-5-18\$671c68d993da727758a32c6e0ca12e1b\n -- File not found
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-07-20 10:16:41 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Nuance
[2012-07-20 10:16:37 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Zeon
[2012-08-27 10:15:35 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\.minecraft
[2012-06-21 15:34:48 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\ASUS WebStorage
[2012-07-29 20:16:36 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Kalypso Media
[2012-10-06 21:11:36 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Leadertech
[2012-06-21 18:25:33 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Nuance
[2012-09-27 11:53:30 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Origin
[2012-06-21 18:30:37 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\PowerISO
[2012-10-27 16:52:29 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\PunkBuster
[2012-11-23 16:49:15 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\SoftGrid Client
[2012-06-24 17:50:42 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Thunderbird
[2012-06-28 10:14:25 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\TP
[2012-08-25 15:51:55 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\TS3Client
[2012-11-25 23:39:45 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\uTorrent
[2012-06-21 18:25:25 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Zeon

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-10-11 20:37:11 | 000,000,044 | ---- | M] () -- C:\ASUS.md5
[2009-07-14 02:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009-07-29 07:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-04-07 17:50:38 | 000,016,524 | ---- | M] () -- C:\devlist.txt
[2012-04-07 17:50:38 | 000,000,009 | ---- | M] () -- C:\Finish.log
[2012-11-25 23:00:12 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-02-24 10:34:58 | 006,293,504 | -H-- | M] () -- C:\K55VM.BIN
[2012-03-13 10:10:55 | 000,000,019 | ---- | M] () -- C:\K55VM_K55VS_WIN7.20
[2012-02-24 10:17:04 | 006,293,504 | -H-- | M] () -- C:\K55VS.BIN
[2012-11-25 23:00:18 | 4175,265,791 | -HS- | M] () -- C:\pagefile.sys
[2012-04-07 18:54:02 | 000,000,303 | ---- | M] () -- C:\Pass.txt
[2012-03-13 10:10:55 | 000,000,014 | ---- | M] () -- C:\RECOVERY.DAT
[2012-04-07 17:30:04 | 000,002,441 | ---- | M] () -- C:\RHDSetup.log
[2011-08-30 06:00:22 | 000,001,083 | ---- | M] () -- C:\setup.iss
[2012-04-07 17:23:54 | 000,000,086 | ---- | M] () -- C:\setup.log

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010-11-20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2010-12-29 11:45:14 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=02A1D495D9CD3C787BDE560CCC6A480E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.20867_none_045d623d4ecba2f1\ndis.sys
[2010-12-29 11:33:33 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010-11-20 14:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2010-12-29 11:41:29 | 000,947,584 | ---- | M] (Microsoft Corporation) MD5=A3151B3463EEA7E47F618F115D0D142E -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16726_none_03fe04d8358e7a0c\ndis.sys
[2010-12-29 11:57:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010-11-20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< End of report >
[/log]

i logi z RSIT
info [log]info.txt logfile of random's system information tool 1.09 2012-11-25 23:48:26

======Uninstall list======

„Windows Live Essentials“-->MsiExec.exe /I{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}
„Windows Live Mail“-->MsiExec.exe /I{2720009D-9566-45A7-A370-0E6DAC313F3F}
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis-->MsiExec.exe /I{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}
„Windows Live Messenger“-->MsiExec.exe /X{122800FE-3AAF-4974-9FBD-54B023FA756A}
„Windows Live“ fotogalerija-->MsiExec.exe /X{C877E454-FA36-409A-A00E-1240CEC61BBD}
-->MsiExec /X{9530AE42-DAE1-4619-9594-B23487285D17}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
ActiveX контрола на Windows Live Mesh за отдалечени връзки-->MsiExec.exe /I{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_Plugin.exe -maintain plugin
ALL YouTube Downloader-->"C:\Program Files (x86)\ALLYouTubeDownloader\unins000.exe"
ALLConverter PRO 1.3-->"C:\Program Files (x86)\ALLConverter PRO\unins000.exe"
ALLMediaServer-->"C:\Program Files (x86)\ALLMediaServer\unins000.exe"
ALLPlayer V5.X-->"C:\Program Files (x86)\ALLPlayer\unins000.exe"
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASUS AI Recovery-->MsiExec.exe /I{D39F0676-163E-4595-A917-E28F99BBD4D2}
ASUS FaceLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS Virtual Touch-->MsiExec.exe /I{938CFBD4-0652-49E5-BB8B-153948865941}
ASUS WebStorage-->C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
ASUSscr_K_NoSound-->C:\Windows\ASUSscr_K_NoSound Uninstaller.exe
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
AVG Security Toolbar-->C:\Program Files (x86)\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL
Bing Bar-->MsiExec.exe /X{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Bubbletown-->"C:\Program Files (x86)\Asus\Game Park\Bubbletown\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Bubbletown\install.log"
Control ActiveX Windows Live Mesh pentru conexiuni la distanță-->MsiExec.exe /I{260E3D78-94E6-47EC-8E29-46301572BB1E}
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
CyberLink Media Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Media Suite-->"C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Deadtime Stories-->"C:\Program Files (x86)\Asus\Game Park\Deadtime Stories\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Deadtime Stories\install.log"
Dream Day First Home-->"C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\install.log"
Dream Vacation Solitaire-->"C:\Program Files (x86)\Asus\Game Park\Dream Vacation Solitaire\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Dream Vacation Solitaire\install.log"
Farm Frenzy 3 - Madagascar-->"C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\install.log"
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych-->MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galapago-->"C:\Program Files (x86)\Asus\Game Park\Galapago\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Galapago\install.log"
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
Game Park Console-->C:\Program Files (x86)\Asus\Game Park\GameConsole\Uninstall.exe
Go Go Gourmet Chef of the Year-->"C:\Program Files (x86)\Asus\Game Park\Go Go Gourmet Chef of the Year\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Go Go Gourmet Chef of the Year\install.log"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
InstantOn for NB-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91}
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Manageability Engine Firmware Recovery Agent-->MsiExec.exe /X{A6C48A9F-694A-4234-B3AA-62590B668927}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) OpenCL CPU Runtime-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Java 7 Update 7-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217007FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
K-Lite Codec Pack 8.8.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Kontrola Windows Live Mesh ActiveX za daljinske veze-->MsiExec.exe /I{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave-->MsiExec.exe /I{CA227A9D-09BE-4BFB-9764-48FED2DA5454}
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0415 -removeonly
LiveVDO plugin 1.3-->C:\Program Files (x86)\StartSearch plugin\uninst.exe
Mahjong Memoirs-->"C:\Program Files (x86)\Asus\Game Park\Mahjong Memoirs\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Mahjong Memoirs\install.log"
Mass Effect™ 3-->"C:\Program Files (x86)\Common Files\EAInstaller\Mass Effect 3\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Starter 2010 - Polski-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0415-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Minecraft Cracked-->C:\Users\Łuczewski\AppData\Roaming\.minecraft\Uninstall.exe
Moduł Szybka instalacja pakietu Microsoft Office 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Mozilla Firefox 16.0.2 (x86 pl)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 14.0 (x86 pl)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
NapiProjekt 2.0.0 (build 2151)-->"C:\Program Files (x86)\NapiProjekt\unins000.exe"
Nuance PDF Reader-->MsiExec.exe /X{B480904D-F73F-4673-B034-8A5F492C9184}
NVIDIA PhysX-->MsiExec.exe /X{9530AE42-DAE1-4619-9594-B23487285D17}
Obsługa programów Apple-->MsiExec.exe /I{F5266D28-E0B2-4130-BFC5-EE155AD514DC}
Origin-->C:\Program Files (x86)\Origin\OriginUninstall.exe
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia-->MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
Pando Media Booster-->C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe
PeerGuardian 2.0-->"C:\Program Files (x86)\PeerGuardian2\unins000.exe"
Plants vs Zombies-->"C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\install.log"
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Qualcomm Atheros WiFi Driver Installation-->"C:\Program Files (x86)\InstallShield Installation Information\{7D916FA5-DAE9-4A25-B089-655C70EAF607}\setup.exe" -runfromtemp -l0x0409 -removeonly
QuickTime-->MsiExec.exe /I{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Sleeping Dogs version 1.4-->"C:\Games\Sleeping Dogs\unins000.exe"
Star Wars: The Old Republic-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe
StartNow Toolbar-->C:\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Turbo Fiesta-->"C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\install.log"
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
uTorrentControl2 Toolbar-->C:\Program Files (x86)\uTorrentControl2\uninstall.exe toolbar
VLC media player 2.0.3-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Warhammer® 40,000™: Dawn of War® II – Retribution™-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/56400
Wiedźmin 2-->"C:\Program Files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe" -runfromtemp -l0x0415 -removeonly
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}
Windows Live Essentials-->MsiExec.exe /I{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}
Windows Live Essentials-->MsiExec.exe /I{A1668729-C4D2-49AE-877B-FB608362FFF1}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live fotoattēlu galerija-->MsiExec.exe /X{CF936193-C584-458C-B793-15FA945621AF}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Foto-galerija-->MsiExec.exe /X{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{0B80A0FD-755A-4796-BFB0-A7B07366F33A}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{F66430D8-08E6-4C96-B9B7-90E66E27D58C}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh ActiveX kontrola za daljinske veze-->MsiExec.exe /I{8985AE5E-622A-4980-8BF8-0A1830643220}
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem-->MsiExec.exe /I{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}
Windows Live Mesh ActiveX-i juhtelement kaugühendustele-->MsiExec.exe /I{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz-->MsiExec.exe /I{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}
Windows Live Mesh-->MsiExec.exe /I{0A093C39-CBB3-4142-B93F-562F176B6305}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{EAB1BDF2-734A-4D44-9169-7615D185C974}
Windows Live Mesh-->MsiExec.exe /I{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}
Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}
Windows Live Messenger-->MsiExec.exe /X{2F54E453-8C93-4B3B-936A-233C909E6CAC}
Windows Live Messenger-->MsiExec.exe /X{A3389C72-1782-4BB4-BBAA-33345DE52E3F}
Windows Live Messenger-->MsiExec.exe /X{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}
Windows Live Messenger-->MsiExec.exe /X{BD0C3887-64E6-41D8-9A38-BC6F34369352}
Windows Live Messenger-->MsiExec.exe /X{BD215FCB-27E8-4C86-9251-8B8C1D548743}
Windows Live Messenger-->MsiExec.exe /X{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{E9AD2143-26D5-4201-BED1-19DCC03B407D}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live Messenger-->MsiExec.exe /X{F35DC85A-E96B-496B-ABE7-F04192824856}
Windows Live Messenger-->MsiExec.exe /X{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}
Windows Live Messenger-->MsiExec.exe /X{FA20D803-14E5-4B00-8F03-B519D46F9D4A}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{1168ECF1-2932-4E86-BC83-560C256C8022}
Windows Live Photo Common-->MsiExec.exe /X{442032CB-900C-49C7-B4B4-2B76525DD403}
Windows Live Photo Common-->MsiExec.exe /X{5D163056-96B7-440F-A836-89BA5D3CFF2F}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Pošta-->MsiExec.exe /I{517EAAB9-C35E-4949-B8C2-20C241162BBB}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2CC0789D-D31B-445F-8970-6E058BE39754}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{545192D4-E817-4EAA-834D-623EA50CF268}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{826A9D28-CAB2-4950-8AAA-B639DCA444CE}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}
Windows Live Writer Resources-->MsiExec.exe /X{77DAF553-291A-4471-988C-5677D90DB57E}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}
Windows Live Writer Resources-->MsiExec.exe /X{D987098B-3AD4-4E88-B80E-CF27A32D1955}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer-->MsiExec.exe /X{047377C9-C74B-4345-82E8-03BAE5DF2C32}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live'i fotogalerii-->MsiExec.exe /X{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR 4.20 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
Wireless Console 3-->MsiExec.exe /I{19EA33FB-B34E-40EA-8B8A-61743AEB795A}
World of Goo-->"C:\Program Files (x86)\Asus\Game Park\World of Goo\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\World of Goo\install.log"
YouTube to ALLPlayer-->"C:\Program Files (x86)\ALLPlayer\unins001.exe"
Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}

======System event log======

Computer Name: WIN-ON19PE10ESJ
Event Code: 7040
Message: Typ uruchamiania usługi Windows Search został zmieniony z auto start na disabled.
Record Number: 3195
Source Name: Service Control Manager
Time Written: 20120407165157.506402-000
Event Type: Informacje
User: LUCZEWSKIPC\Administrator

Computer Name: WIN-ON19PE10ESJ
Event Code: 7036
Message: Usługa Windows Modules Installer weszła w stan running.
Record Number: 3194
Source Name: Service Control Manager
Time Written: 20120407165153.419195-000
Event Type: Informacje
User:

Computer Name: WIN-ON19PE10ESJ
Event Code: 104
Message: Plik dziennika Setup został wyczyszczony.
Record Number: 3193
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120407165153.606395-000
Event Type: Informacje
User: LUCZEWSKIPC\Administrator

Computer Name: WIN-ON19PE10ESJ
Event Code: 104
Message: Plik dziennika Application został wyczyszczony.
Record Number: 3192
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120407165153.559595-000
Event Type: Informacje
User: LUCZEWSKIPC\Administrator

Computer Name: WIN-ON19PE10ESJ
Event Code: 104
Message: Plik dziennika System został wyczyszczony.
Record Number: 3191
Source Name: Microsoft-Windows-Eventlog
Time Written: 20120407165153.543995-000
Event Type: Informacje
User: LUCZEWSKIPC\Administrator

=====Application event log=====

Computer Name: Łuczewskipc
Event Code: 2
Message:
Record Number: 2272089
Source Name: NVIDIA OpenGL Driver
Time Written: 20120826153117.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Łuczewskipc
Event Code: 2
Message:
Record Number: 2272088
Source Name: NVIDIA OpenGL Driver
Time Written: 20120826153117.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Łuczewskipc
Event Code: 2
Message:
Record Number: 2272087
Source Name: NVIDIA OpenGL Driver
Time Written: 20120826153117.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Łuczewskipc
Event Code: 2
Message:
Record Number: 2272086
Source Name: NVIDIA OpenGL Driver
Time Written: 20120826153117.000000-000
Event Type: Ostrzeżenia
User:

Computer Name: Łuczewskipc
Event Code: 2
Message:
Record Number: 2272085
Source Name: NVIDIA OpenGL Driver
Time Written: 20120826153117.000000-000
Event Type: Ostrzeżenia
User:

=====Security event log=====

Computer Name: Łuczewskipc
Event Code: 5058
Message: Operacja na pliku klucza.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-2425613530-3582171222-2280058672-1001
Nazwa konta: Łuczewski
Domena konta: LUCZEWSKIPC
Identyfikator logowania: 0x5985a

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: Niedostępne.
Nazwa klucza: CertContainer
Typ klucza: Klucz komputera.

Informacje dotyczące operacji na pliku klucza:
Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_b5b41f4a-6cef-449c-8502-b6d7e7d34fe3
Operacja: Odczytaj trwały klucz z pliku.
Kod powrotny: 0x0
Record Number: 19365
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121013170725.283526-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Łuczewskipc
Event Code: 5058
Message: Operacja na pliku klucza.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-2425613530-3582171222-2280058672-1001
Nazwa konta: Łuczewski
Domena konta: LUCZEWSKIPC
Identyfikator logowania: 0x5985a

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: Niedostępne.
Nazwa klucza: CertContainer
Typ klucza: Klucz komputera.

Informacje dotyczące operacji na pliku klucza:
Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_b5b41f4a-6cef-449c-8502-b6d7e7d34fe3
Operacja: Odczytaj trwały klucz z pliku.
Kod powrotny: 0x0
Record Number: 19364
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121013170725.282526-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Łuczewskipc
Event Code: 5061
Message: Operacja kryptograficzna.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-2425613530-3582171222-2280058672-1001
Nazwa konta: Łuczewski
Domena konta: LUCZEWSKIPC
Identyfikator logowania: 0x5985a

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: RSA
Nazwa klucza: CertContainer
Typ klucza: Klucz komputera.

Operacja kryptograficzna:
Operacja: Otwórz klucz.
Kod powrotny: 0x0
Record Number: 19363
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121013170632.020479-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Łuczewskipc
Event Code: 5058
Message: Operacja na pliku klucza.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-2425613530-3582171222-2280058672-1001
Nazwa konta: Łuczewski
Domena konta: LUCZEWSKIPC
Identyfikator logowania: 0x5985a

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: Niedostępne.
Nazwa klucza: CertContainer
Typ klucza: Klucz komputera.

Informacje dotyczące operacji na pliku klucza:
Ścieżka do pliku: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ab603ab15b202d8d2891a35c748137a0_b5b41f4a-6cef-449c-8502-b6d7e7d34fe3
Operacja: Odczytaj trwały klucz z pliku.
Kod powrotny: 0x0
Record Number: 19362
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121013170632.020479-000
Event Type: Sukcesy inspekcji
User:

Computer Name: Łuczewskipc
Event Code: 5061
Message: Operacja kryptograficzna.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-21-2425613530-3582171222-2280058672-1001
Nazwa konta: Łuczewski
Domena konta: LUCZEWSKIPC
Identyfikator logowania: 0x5985a

Parametry funkcji kryptograficznej:
Nazwa dostawcy: Microsoft Software Key Storage Provider
Nazwa algorytmu: RSA
Nazwa klucza: CertContainer
Typ klucza: Klucz komputera.

Operacja kryptograficzna:
Operacja: Otwórz klucz.
Kod powrotny: 0x0
Record Number: 19361
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121013170632.020479-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=8
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"configsetroot"=%SystemRoot%\ConfigSetRoot
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip

-----------------EOF-----------------
[/log]
i log [log]Logfile of random's system information tool 1.09 (written by random/random)
Run by Łuczewski at 2012-11-25 23:48:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 50 GB (17%) free of 286 GB
Total RAM: 8078 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:48:24, on 2012-11-25
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
C:\Windows\syswow64\svchost.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Users\Łuczewski\Documents\Windows\winsuchost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Łuczewski\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Łuczewski.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: ALLYouTubeDownloader - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll
O2 - BHO: Another Update v1.1.5 - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test32.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
O3 - Toolbar: StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe
O4 - HKCU\..\Run: [MicrosoftProtection] "C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Winlogon] C:\Users\Łuczewski\Documents\Windows\svchostu.exe
O4 - HKCU\..\Run: [WindowsStartupKit] C:\Users\Łuczewski\Documents\Windows\mcheck.exe
O4 - HKCU\..\Run: [CommandUtilities] C:\Users\Łuczewski\Documents\Windows\svuhost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-21-2425613530-3582171222-2280058672-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2425613530-3582171222-2280058672-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 17220 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Łuczewski\AppData\Roaming\Mozilla\Firefox\Profiles\30pqe91f.default

prefs.js - "browser.startup.homepage" - "google.pl"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="

"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"=C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.110 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Wtyczka wykrywacza iTunes
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npvsharetvplg.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
allegro-pl.xml
avg-secure-search.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\Łuczewski\AppData\Roaming\Mozilla\Firefox\Profiles\30pqe91f.default\extensions\
IplextoALL@ALLPlayer.org
YouTubetoALL@ALLPlayer.org
{5911488E-9D1E-40ec-8CBB-06B231CC153F}
{687578b9-7132-4a7a-80e4-30ee31099e03}

C:\Users\Łuczewski\AppData\Roaming\Mozilla\Firefox\Profiles\30pqe91f.default\searchplugins\
conduit.xml
startsear.xml
yahoo-zugo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61DB16C5-B733-43F4-872E-B20DC9E72740}]
ALLYouTubeDownloader - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL [2012-10-07 1180672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}]
StartNow Toolbar Helper - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll [2012-06-22 627424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-29 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll [2011-11-24 178048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{793A557B-65BC-48C3-B6F6-D472C5887C2E}]
Another Update v1.1.5 - C:\Windows\test32.dll [2012-11-25 84992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-12-29 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-08 1796552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-29 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-11-08 1796552]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{5911488E-9D1E-40ec-8CBB-06B231CC153F} - StartNow Toolbar - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll [2012-06-22 627424]
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - StartSearchToolBar - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll [2011-11-24 178048]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-10-19 3331312]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-07 291608]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-19 2319536]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-11-08 997320]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-05-31 336992]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"HF_G_Jul"=C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe [2012-07-18 36960]
"ROC_ROC_JULY_P1"=C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe [2012-08-27 1022048]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-09-09 421776]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"=C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2012-10-08 2991616]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-08-20 1353080]
""= []
"6"= []
"Windows Explorer"=C:\Users\Łuczewski\msdata\iexplorer.exe [2012-11-22 56832]
"MicrosoftProtection"=C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe [2012-11-22 56832]
"GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2012-10-31 1242136]
"Winlogon"=C:\Users\Łuczewski\Documents\Windows\svchostu.exe [2012-11-22 56832]
"WindowsStartupKit"=C:\Users\Łuczewski\Documents\Windows\mcheck.exe [2012-11-22 56832]
"CommandUtilities"=C:\Users\Łuczewski\Documents\Windows\svuhost.exe [2012-11-25 43520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\SysWOW64\nvinit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-11-25 23:48:20 ----D---- C:\rsit
2012-11-25 23:48:20 ----D---- C:\Program Files (x86)\trend micro
2012-11-25 22:21:59 ----D---- C:\Program Files (x86)\Hitman Absolution
2012-11-23 00:37:24 ----D---- C:\Program Files (x86)\Google
2012-11-22 17:19:43 ----D---- C:\Program Files (x86)\R.G. Mechanics
2012-11-22 01:33:04 ----RASH---- C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe
2012-11-21 12:22:49 ----SHD---- C:\Config.Msi
2012-11-21 11:59:41 ----D---- C:\ProgramData\Adobe
2012-11-16 21:38:02 ----D---- C:\Program Files (x86)\Electronic Arts
2012-11-16 21:09:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-11-08 00:07:03 ----D---- C:\Program Files (x86)\ALLYouTubeDownloader
2012-11-08 00:00:52 ----D---- C:\ASUS WebStorage
2012-11-07 23:59:45 ----D---- C:\AVG Secure Search
2012-11-07 23:59:42 ----D---- C:\Urządzenia Bluetooth
2012-11-07 23:59:36 ----D---- C:\Atheros
2012-11-07 23:29:01 ----D---- C:\Program Files (x86)\QuickTime
2012-11-07 23:27:33 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-11-07 23:27:33 ----D---- C:\Program Files (x86)\iTunes
2012-11-06 20:14:24 ----A---- C:\Windows\test64.dll
2012-11-06 20:14:24 ----A---- C:\Windows\test32.dll
2012-10-28 15:00:22 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2012-10-28 15:00:22 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-10-28 15:00:22 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2012-10-28 15:00:21 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2012-10-28 15:00:21 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2012-10-28 15:00:21 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2012-10-28 15:00:20 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2012-10-28 15:00:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2012-10-28 15:00:20 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2012-10-28 15:00:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2012-10-28 15:00:19 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2012-10-28 15:00:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2012-10-28 15:00:17 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2012-10-28 15:00:16 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2012-10-28 15:00:16 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2012-10-28 15:00:12 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2012-10-28 15:00:12 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2012-10-28 15:00:11 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2012-10-28 15:00:11 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2012-10-28 15:00:10 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2012-10-28 15:00:10 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2012-10-28 15:00:09 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2012-10-28 15:00:09 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2012-10-28 15:00:09 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2012-10-28 15:00:08 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2012-10-28 15:00:08 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2012-10-28 15:00:08 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2012-10-28 15:00:08 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2012-10-28 15:00:08 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2012-10-28 15:00:06 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2012-10-28 15:00:06 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2012-10-28 15:00:05 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2012-10-28 15:00:05 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2012-10-28 15:00:04 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2012-10-28 15:00:04 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2012-10-28 15:00:03 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2012-10-28 15:00:02 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2012-10-28 15:00:02 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2012-10-28 15:00:02 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2012-10-28 15:00:01 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2012-10-28 15:00:01 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2012-10-28 14:59:59 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2012-10-28 14:59:58 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2012-10-28 14:59:58 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2012-10-28 14:59:58 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2012-10-28 14:59:56 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2012-10-28 14:59:56 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2012-10-28 14:59:55 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2012-10-28 14:59:55 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2012-10-28 14:59:54 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2012-10-28 14:59:53 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2012-10-28 14:59:53 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2012-10-28 14:59:52 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2012-10-28 14:59:52 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2012-10-28 14:59:51 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2012-10-28 14:59:51 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2012-10-28 14:59:50 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2012-10-28 14:59:50 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2012-10-28 14:59:50 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2012-10-28 14:59:48 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2012-10-28 14:59:48 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2012-10-28 14:59:48 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2012-10-28 14:59:47 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2012-10-28 14:59:46 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2012-10-28 14:59:46 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2012-10-28 14:59:45 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2012-10-28 14:59:44 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2012-10-28 14:59:44 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2012-10-28 14:59:44 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2012-10-28 14:59:43 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2012-10-28 14:59:42 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2012-10-28 14:59:36 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2012-10-28 14:59:35 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2012-10-28 14:59:35 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2012-10-28 14:59:34 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2012-10-28 14:59:33 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2012-10-28 14:59:32 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2012-10-28 14:59:30 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2012-10-28 14:59:29 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2012-10-28 14:59:28 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2012-10-28 11:49:18 ----D---- C:\ProgramData\Ubisoft
2012-10-27 16:52:30 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe
2012-10-27 16:52:29 ----D---- C:\Users\Łuczewski\AppData\Roaming\PunkBuster
2012-10-27 16:41:56 ----D---- C:\Program Files (x86)\Ubisoft

======List of files/folders modified in the last 1 month======

2012-11-25 23:48:24 ----D---- C:\Windows\Prefetch
2012-11-25 23:48:20 ----RD---- C:\Program Files (x86)
2012-11-25 23:47:46 ----D---- C:\Users\Łuczewski\AppData\Roaming\uTorrent
2012-11-25 23:16:24 ----D---- C:\Windows\Temp
2012-11-25 23:06:01 ----SHD---- C:\System Volume Information
2012-11-25 23:04:09 ----SD---- C:\ProgramData\Microsoft
2012-11-25 23:02:29 ----A---- C:\Windows\SysWOW64\log.txt
2012-11-25 23:01:36 ----D---- C:\Users\Łuczewski\AppData\Roaming\Skype
2012-11-25 23:00:42 ----D---- C:\Program Files (x86)\Steam
2012-11-25 18:51:42 ----RD---- C:\Program Files
2012-11-23 16:49:15 ----D---- C:\Users\Łuczewski\AppData\Roaming\SoftGrid Client
2012-11-23 11:50:26 ----D---- C:\Users\Łuczewski\AppData\Roaming\vlc
2012-11-23 00:42:02 ----SHD---- C:\Windows\Installer
2012-11-23 00:37:25 ----D---- C:\Windows\Tasks
2012-11-23 00:35:16 ----HD---- C:\ProgramData
2012-11-22 17:32:59 ----D---- C:\Windows\SysWOW64
2012-11-22 17:12:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-11-21 12:45:37 ----D---- C:\Windows
2012-11-21 12:44:51 ----D---- C:\Windows\System32
2012-11-21 12:44:27 ----RSD---- C:\Windows\assembly
2012-11-21 12:00:22 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-18 12:00:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-16 21:38:03 ----D---- C:\Program Files (x86)\Common Files\BioWare
2012-11-16 21:33:36 ----RD---- C:\Users
2012-11-09 14:55:31 ----D---- C:\Windows\inf
2012-11-08 22:20:36 ----D---- C:\ProgramData\AVG Secure Search
2012-11-08 22:20:31 ----D---- C:\Program Files (x86)\AVG Secure Search
2012-11-08 00:07:16 ----D---- C:\Program Files (x86)\NapiProjekt
2012-11-08 00:07:00 ----D---- C:\Program Files (x86)\ALLMediaServer
2012-11-08 00:06:57 ----D---- C:\Program Files (x86)\ALLPlayer
2012-11-07 23:27:33 ----D---- C:\ProgramData\Apple Computer
2012-11-07 23:27:33 ----D---- C:\Program Files (x86)\Common Files\Apple
2012-11-06 14:12:58 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-11-01 22:26:59 ----D---- C:\ProgramData\Skype
2012-10-27 14:02:12 ----D---- C:\Program Files (x86)\Origin
2012-10-26 10:50:12 ----D---- C:\Program Files (x86)\Common Files\Steam

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys []
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys []
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys []
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys []
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-01-30 17152]
R3 AsusVBus;AsusVBus; C:\Windows\system32\DRIVERS\AsusVBus.sys []
R3 AsusVTouch;AsusVTouch; C:\Windows\system32\DRIVERS\AsusVTouch.sys []
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys []
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
R3 BthEnum;Sterownik Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys []
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys []
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []
S3 WinUSB;Sterownik WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-17 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-12-29 106144]
R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-29 277784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-04 2458944]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-11-21 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-29 363800]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2012-06-22 265952]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 936848]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-10-25 529744]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-21 250808]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-22 276248]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-16 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------
[/log]

Gość
komentarz
komentarz (edytowane)

[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]Wykonuj kolejno poniższe kroki.[/size][/font][/color]

[b]1.[/b][color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3] Otwórz Notatnik i wklej w nim:[/size][/font][/color]

[code]
reg delete HKCU\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} /f
reg add HKLM\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 /ve /t REG_SZ /d C:\Windows\system32\wbem\fastprox.dll /f
[/code]
[b]Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz jako FIX.BAT[/b]

[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]Uruchom ten plik. Zrestartuj komputer.[/size][/font][/color]

2. Otwórz Notatnik i wklej w nim:

[code]
TAKEOWN /F C:\$Recycle.Bin\S-1-5-18 /R /A /D Y
icacls C:\$Recycle.Bin\S-1-5-18 /grant Wszyscy:F /T
icacls C:\$Recycle.Bin\S-1-5-21-2425613530-3582171222-2280058672-1001\$671c68d993da727758a32c6e0ca12e1 /grant Wszyscy:F /T
rd /s /q C:\$Recycle.Bin

pause
[/code]
Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz jako FIX.BAT

Uruchom plik. Zrestartuj komputer.

[b]Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz jako FIX.BAT[/b]

[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]Uruchom plik. Zrestartuj komputer.[/size][/font][/color]
[color=#2C2C2C][font=tahoma, helvetica, arial, sans-serif][size=3]3.Uruchom OTL i w okno włsne opcje skanowania/skrypt wklej;[/size][/font][/color]




[code]
:Services
Updater Service for StartNow Toolbar

:OTL

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
O2:64bit: - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test64.dll ()
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test32.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [6] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [CommandUtilities] C:\Users\Łuczewski\Documents\Windows\svuhost.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsStartupKit] C:\Users\Łuczewski\Documents\Windows\mcheck.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Winlogon] C:\Users\Łuczewski\Documents\Windows\svchostu.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
F3:64bit: - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL)


:Files
C:\Users\Łuczewski\Documents\Windows\winsuchost.exe
C:\Users\Łuczewski\msdata\explorer.exe
C:\Users\Łuczewski\Documents\Windows\miner.dll
C:\Users\Łuczewski\Documents\Windows\usft_ext.dll
C:\Windows\test64.dll
C:\Windows\test32.dll
:Commands
[emptytemp]

[/code]

Kliknij wykonaj skrypt


4.Podaj nowy log z OTL

Janek92brum
komentarz
komentarz (edytowane)

czy pomiędzy 2 a 3 krokiem nie zapomniałeś czegoś dodać ?

dobra zrobiłem jak pisałeś
1)OTL
[log]OTL logfile created on: 2012-11-26 11:45:15 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 72,81% Memory free
15,78 Gb Paging File | 13,38 Gb Available in Paging File | 84,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 23,72 Gb Free Space | 8,49% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 44,54 Gb Free Space | 11,29% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-11-26 11:42:41 | 000,046,080 | ---- | M] (HEWGBhyj HJERe) -- C:\Users\Łuczewski\Documents\Windows\windowsworker.exe
PRC - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
PRC - [2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\msdata\explorer.exe
PRC - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-11-08 22:20:30 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-09-09 23:30:34 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2012-08-20 08:39:39 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012-08-11 16:43:06 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012-07-13 12:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2012-06-22 14:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
PRC - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 02:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012-01-04 13:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
PRC - [2011-10-19 23:59:44 | 003,331,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe
PRC - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011-03-28 19:45:09 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe
PRC - [2009-07-14 02:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]
PRC - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe [comLaunch]


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-11-26 11:42:44 | 000,360,448 | ---- | M] (UREhfuie UIERhfuie) -- C:\Users\Łuczewski\Documents\Windows\usft_ext.dll
MOD - [2012-11-26 11:42:44 | 000,271,360 | ---- | M] (URIfheu EURIfhe) -- C:\Users\Łuczewski\Documents\Windows\miner.dll
MOD - [2012-11-26 11:42:41 | 000,046,080 | ---- | M] (HEWGBhyj HJERe) -- C:\Users\Łuczewski\Documents\Windows\windowsworker.exe
MOD - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
MOD - [2012-11-08 22:20:30 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012-11-08 22:20:30 | 000,566,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012-11-08 22:20:30 | 000,134,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012-10-31 23:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
MOD - [2012-10-31 23:15:05 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
MOD - [2012-10-31 23:15:04 | 012,455,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
MOD - [2012-10-31 23:15:02 | 004,007,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
MOD - [2012-10-31 23:13:47 | 000,587,288 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libglesv2.dll
MOD - [2012-10-31 23:13:46 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\libegl.dll
MOD - [2012-10-31 23:13:44 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\icudt.dll
MOD - [2012-10-31 23:13:37 | 041,741,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\chrome.dll
MOD - [2012-10-31 23:13:35 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avutil-51.dll
MOD - [2012-10-31 23:13:34 | 000,274,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avformat-54.dll
MOD - [2012-10-31 23:13:32 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll
MOD - [2012-10-25 15:27:17 | 000,278,352 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\crashhandler.dll
MOD - [2012-10-25 15:27:16 | 006,839,632 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steamclient.dll
MOD - [2012-10-25 15:27:16 | 000,237,904 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\tier0_s.dll
MOD - [2012-10-25 15:27:16 | 000,212,304 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\vstdlib_s.dll
MOD - [2012-10-25 15:27:16 | 000,122,864 | ---- | M] (Valve) -- C:\Program Files (x86)\Steam\CSERHelper.dll
MOD - [2012-10-25 15:27:11 | 000,659,792 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
MOD - [2012-10-25 15:27:10 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-10-25 15:27:10 | 001,744,720 | ---- | M] (Valve Corporation) -- c:\program files (x86)\steam\bin\serverbrowser.dll
MOD - [2012-10-25 15:27:07 | 009,955,112 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Steam\bin\icudt.dll
MOD - [2012-10-25 15:27:05 | 002,340,176 | ---- | M] (Valve Corporation) -- c:\program files (x86)\steam\bin\friendsui.dll
MOD - [2012-10-25 15:27:05 | 000,168,272 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\bin\filesystem_steam.DLL
MOD - [2012-10-25 15:27:04 | 002,975,568 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.dll
MOD - [2012-10-25 15:27:04 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-10-25 15:27:04 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012-10-25 15:27:04 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-10-25 15:27:04 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-10-25 15:27:02 | 004,061,008 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\SteamUI.dll
MOD - [2012-10-25 15:27:02 | 001,039,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Steam\DbgHelp.dll
MOD - [2012-10-11 21:56:24 | 000,124,816 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
MOD - [2012-10-11 21:56:20 | 000,043,408 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
MOD - [2012-10-11 21:56:12 | 001,079,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MOD - [2012-10-11 21:56:08 | 000,075,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2012-10-02 23:21:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2012-10-02 23:21:00 | 007,697,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuda.dll
MOD - [2012-10-02 23:21:00 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2012-10-02 23:21:00 | 000,831,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvumdshim.dll
MOD - [2012-10-02 23:21:00 | 000,286,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll
MOD - [2012-10-02 23:21:00 | 000,221,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll
MOD - [2012-10-02 23:21:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
MOD - [2012-09-10 00:06:48 | 000,050,064 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.DLL
MOD - [2012-09-09 23:30:36 | 000,048,528 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MOD - [2012-09-09 23:30:34 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
MOD - [2012-09-09 23:30:34 | 000,156,560 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.dll
MOD - [2012-08-24 08:27:00 | 012,319,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012-08-24 08:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012-08-24 07:59:17 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012-08-24 07:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012-08-24 07:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012-08-24 07:49:15 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2012-08-24 07:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012-08-20 08:39:39 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
MOD - [2012-08-11 16:43:16 | 001,447,824 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MOD - [2012-07-13 12:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012-06-06 06:05:52 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
MOD - [2012-06-06 06:05:52 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012-06-02 05:40:39 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2012-06-02 05:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
MOD - [2012-05-30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 19:06:34 | 000,456,552 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
MOD - [2012-05-30 19:06:32 | 000,053,608 | ---- | M] (Open Source Software community project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MOD - [2012-05-30 19:06:30 | 001,292,136 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
MOD - [2012-05-30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012-05-30 19:06:30 | 000,923,496 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
MOD - [2012-05-30 19:06:28 | 016,303,976 | ---- | M] (The ICU Project) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
MOD - [2012-05-30 19:06:20 | 002,463,632 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012-04-24 05:36:42 | 001,158,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012-04-24 05:36:42 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012-04-21 05:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
MOD - [2012-04-07 17:32:56 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2012-04-07 17:32:56 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2012-04-07 17:23:37 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012-04-07 17:23:37 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012-03-04 21:22:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012-03-01 06:37:41 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012-02-22 08:18:14 | 006,120,960 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\igdumd32.dll
MOD - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
MOD - [2012-02-07 05:12:52 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
MOD - [2012-01-30 22:32:18 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\USBChargerPlus\mfc100u.dll
MOD - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
MOD - [2012-01-18 02:43:18 | 004,368,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\ASUS LifeFrame3\mfc100u.dll
MOD - [2012-01-18 02:43:16 | 000,448,672 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS LifeFrame3\camera_effect.ax
MOD - [2012-01-18 02:43:14 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\ASUS LifeFrame3\MSVCR100.dll
MOD - [2012-01-13 01:17:14 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2011-12-21 22:15:56 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\MSVCR100.dll
MOD - [2011-12-21 22:15:56 | 000,068,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.dll
MOD - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-10-26 05:32:11 | 001,328,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\quartz.dll
MOD - [2011-10-19 23:59:44 | 003,331,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe
MOD - [2011-10-19 22:44:44 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-10-19 22:44:44 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-10-19 22:41:53 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-10-19 22:38:36 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-10-19 22:38:36 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-10-19 22:25:33 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011-10-19 22:24:29 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
MOD - [2011-08-30 22:05:04 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\SysWOW64\dnssd.dll
MOD - [2011-08-30 22:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-06-11 09:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\ASUS\USBChargerPlus\MSVCR100.dll
MOD - [2011-03-29 04:31:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2011-03-28 19:45:09 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe
MOD - [2011-03-28 19:45:09 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011-03-28 19:44:08 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-03-28 19:43:24 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 13:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 13:21:40 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010-11-20 13:21:40 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010-11-20 13:21:38 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 13:21:38 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-11-20 13:21:38 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 13:21:38 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 13:21:38 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010-11-20 13:21:36 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 13:21:36 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010-11-20 13:21:36 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010-11-20 13:21:34 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 13:21:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 13:21:28 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010-11-20 13:21:28 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 13:21:26 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sqmapi.dll
MOD - [2010-11-20 13:21:26 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 13:21:20 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 13:21:16 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 13:21:16 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 13:21:06 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 13:21:04 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 13:21:04 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 13:20:58 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 13:20:52 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pdh.dll
MOD - [2010-11-20 13:20:50 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 13:20:50 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010-11-20 13:20:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 13:20:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 13:19:56 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvfw32.dll
MOD - [2010-11-20 13:19:48 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msftedit.dll
MOD - [2010-11-20 13:19:48 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010-11-20 13:19:46 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 13:19:46 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 13:19:40 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 13:19:34 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mf.dll
MOD - [2010-11-20 13:19:34 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mapi32.dll
MOD - [2010-11-20 13:19:24 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 13:19:06 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
MOD - [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010-11-20 13:19:04 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 13:19:02 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 13:19:02 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\evr.dll
MOD - [2010-11-20 13:18:38 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 13:18:28 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 13:18:26 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010-11-20 13:18:26 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010-11-20 13:18:26 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptui.dll
MOD - [2010-11-20 13:18:26 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 13:18:26 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 13:18:26 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010-11-20 13:18:24 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 13:18:24 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 13:18:06 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 13:18:04 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 13:18:04 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 13:16:54 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksproxy.ax
MOD - [2010-11-20 13:16:54 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Kswdmcap.ax
MOD - [2010-11-20 13:16:52 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 13:16:52 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 13:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 13:08:58 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 13:08:52 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 13:08:52 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 12:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-05-26 10:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DCompiler_43.dll
MOD - [2010-05-26 10:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\D3DX9_43.dll
MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll
MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 02:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009-07-14 02:16:17 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAutomationCore.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,791,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\opengl32.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 02:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfplat.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:22 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\glu32.dll
MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 02:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 02:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
MOD - [2009-07-14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe
MOD - [2009-07-14 02:14:11 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vidcap.ax
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 02:09:53 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\security.dll
MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:[b]64bit:[/b] - [2011-03-04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-09-17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-21 12:00:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-16 21:09:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-06-22 14:55:48 | 000,265,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 08:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011-12-29 23:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012-10-02 23:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-05-31 05:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 08:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 03:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-19 19:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-01-11 05:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-28 08:15:50 | 000,292,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-23 04:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-12-21 22:15:56 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-11-08 03:48:28 | 000,016,512 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120711&user_guid=AFCCE6B745DF4E30BBBF417FDD48D994&machine_id=ec080796f5004ab7455755a0b4f5c227&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{98DB4022-589B-40F9-B822-84C3AD18B2CD}: "URL" = https://isearch.avg.com/search?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {862FF4F2-E810-11E0-8FEF-D73D4824019B}:1.1.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011-10-20 00:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 22:20:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-11-07 23:29:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]

[2012-06-21 21:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Extensions
[2012-11-26 01:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions
[2012-08-30 10:29:32 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012-11-15 15:38:29 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-11-08 00:06:48 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org
[2012-11-26 01:02:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\staged
[2012-11-08 00:07:04 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-06-22 17:10:04 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-10-28 12:28:23 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-11-25 23:33:20 | 000,150,412 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-11-26 00:33:18 | 000,185,911 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\staged\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-06-07 20:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\conduit.xml
[2012-09-15 20:34:56 | 000,000,792 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\startsear.xml
[2012-07-11 17:06:27 | 000,001,390 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\yahoo-zugo.xml
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.XPI
[2012-11-16 21:09:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-10-27 14:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012-06-15 00:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-08 22:20:31 | 000,003,574 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-15 00:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 00:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 00:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 00:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 00:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Another Update = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bipiocmkdofpgpdebagkjpgcpbjmbgkn\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Szukaj w Google = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: uTorrentControl2 = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\
CHR - Extension: LiveVDO plugin = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Gmail = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test64.dll ()
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:[b]64bit:[/b] - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test32.dll ()
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [6] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLCinema)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [CommandUtilities] C:\Users\Łuczewski\Documents\Windows\svuhost.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsDefender] C:\Users\Łuczewski\Documents\Windows\firewall.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsStartupKit] C:\Users\Łuczewski\Documents\Windows\mcheck.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsWorker] C:\Users\Łuczewski\Documents\Windows\winworker.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Winlogon] C:\Users\Łuczewski\Documents\Windows\svchostu.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
F3:[b]64bit:[/b] - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL)
F3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDAE1432-797B-4373-8C50-8015FD4769B8}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-30 00:28:45 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-11-26 11:42:45 | 000,000,000 | R--D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-11-26 01:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
[2012-11-26 00:20:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012-11-25 22:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution
[2012-11-25 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Desktop\notatki fizyka
[2012-11-24 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Windows
[2012-11-23 00:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-23 00:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-22 17:42:35 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed III
[2012-11-22 17:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012-11-22 01:33:09 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\msdata
[2012-11-21 22:52:16 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\Drivers
[2012-11-21 12:45:20 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-11-21 11:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\SWTOR
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\HeroBlade Logs
[2012-11-16 21:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012-11-16 21:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-11-16 21:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-08 00:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader
[2012-11-08 00:06:08 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Programs
[2012-11-08 00:00:52 | 000,000,000 | ---D | C] -- C:\ASUS WebStorage
[2012-11-07 23:59:45 | 000,000,000 | ---D | C] -- C:\AVG Secure Search
[2012-11-07 23:59:42 | 000,000,000 | ---D | C] -- C:\Urządzenia Bluetooth
[2012-11-07 23:59:36 | 000,000,000 | ---D | C] -- C:\Atheros
[2012-11-07 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-07 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012-11-07 23:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-07 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012-10-28 16:05:51 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Ubisoft Game Launcher
[2012-10-28 16:05:48 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed Revelations
[2012-10-28 11:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2012-10-27 16:52:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\PunkBuster
[2012-10-27 16:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012-10-13 14:14:20 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\ElevatedDiagnostics
[2012-10-08 15:08:11 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\FIFA 13
[2012-10-07 12:29:41 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\vlc
[2012-10-07 12:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012-10-07 12:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012-10-06 21:14:20 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\FIFA 11
[2012-10-06 21:11:36 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Leadertech
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-11-26 11:42:24 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-26 11:42:22 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-11-26 11:42:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-26 11:42:09 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-26 11:41:36 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-26 11:41:36 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-26 11:39:12 | 000,000,258 | ---- | M] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-26 11:08:48 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-26 11:08:48 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-26 01:02:41 | 000,084,992 | ---- | M] () -- C:\Windows\test32.dll
[2012-11-26 01:02:40 | 000,096,768 | ---- | M] () -- C:\Windows\test64.dll
[2012-11-25 12:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-11-23 00:39:57 | 000,002,301 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512993
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512284
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe
[2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-21 12:45:18 | 000,001,207 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Uplay.lnk
[2012-11-16 21:38:03 | 000,001,441 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:55:31 | 001,694,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-09 14:55:31 | 000,749,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-09 14:55:31 | 000,664,012 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-09 14:55:31 | 000,158,582 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-09 14:55:31 | 000,125,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-09 14:51:03 | 001,363,641 | ---- | M] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012-11-08 00:07:15 | 000,000,976 | ---- | M] () -- C:\Users\Łuczewski\Desktop\NapiProjekt.lnk
[2012-11-08 00:07:04 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-08 00:07:00 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\ALL Media Server.lnk
[2012-11-08 00:06:53 | 000,001,025 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ALLPlayer.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-29 12:18:14 | 000,001,384 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Play Assassin's Creed Revelations.lnk
[2012-10-12 22:28:23 | 000,189,774 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Rozciąganie.pdf
[2012-10-07 12:29:11 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012-10-03 17:04:32 | 000,006,690 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Nowy dokument dziennika.jnt
[2012-10-02 23:21:00 | 000,016,127 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012-10-02 20:51:15 | 003,536,817 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012-09-29 12:33:58 | 000,032,688 | ---- | M] () -- C:\Users\Łuczewski\Desktop\PowtarzanieSem_136603.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-26 11:39:12 | 000,000,258 | ---- | C] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-23 00:39:57 | 000,002,301 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512993
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512284
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe
[2012-11-21 12:45:18 | 000,001,207 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Uplay.lnk
[2012-11-16 21:38:03 | 000,001,441 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:51:02 | 001,363,641 | ---- | C] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 00:07:04 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-06 20:14:24 | 000,096,768 | ---- | C] () -- C:\Windows\test64.dll
[2012-11-06 20:14:24 | 000,084,992 | ---- | C] () -- C:\Windows\test32.dll
[2012-11-03 21:04:08 | 000,000,865 | ---- | C] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-29 12:18:14 | 000,001,384 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Play Assassin's Creed Revelations.lnk
[2012-10-27 16:52:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-10-15 22:39:28 | 000,549,526 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz27_01.pdf
[2012-10-15 22:39:28 | 000,326,319 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz33_01.pdf
[2012-10-15 22:39:28 | 000,206,389 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz29A_01.pdf
[2012-10-15 22:39:28 | 000,167,468 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz28_01.pdf
[2012-10-15 22:39:28 | 000,146,218 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz29_01.pdf
[2012-10-15 22:39:28 | 000,132,546 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz35_01.pdf
[2012-10-15 22:39:28 | 000,122,541 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz31_01.pdf
[2012-10-15 22:39:28 | 000,116,200 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz30_01.pdf
[2012-10-15 22:39:28 | 000,096,217 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Cwicz34_01.pdf
[2012-10-12 22:28:19 | 000,189,774 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Rozciąganie.pdf
[2012-10-07 12:29:11 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012-09-29 12:33:58 | 000,032,688 | ---- | C] () -- C:\Users\Łuczewski\Desktop\PowtarzanieSem_136603.pdf
[2012-07-11 17:06:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-06-21 16:58:37 | 000,000,380 | ---- | C] () -- C:\Users\Łuczewski\AppData\Roaming\sp_data.sys
[2012-06-21 15:24:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-21 15:24:40 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-03-13 10:08:55 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-03-13 10:08:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-03-13 10:08:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-13 10:08:45 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-10-20 00:00:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011-10-19 23:42:45 | 001,719,502 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012-11-26 00:26:26 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012-11-26 00:26:26 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2012-07-20 10:16:41 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Nuance
[2012-07-20 10:16:37 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Zeon
[2012-08-27 10:15:35 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\.minecraft
[2012-06-21 15:34:48 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\ASUS WebStorage
[2012-07-29 20:16:36 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Kalypso Media
[2012-10-06 21:11:36 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Leadertech
[2012-06-21 18:25:33 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Nuance
[2012-09-27 11:53:30 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Origin
[2012-06-21 18:30:37 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\PowerISO
[2012-10-27 16:52:29 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\PunkBuster
[2012-11-26 11:29:48 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\SoftGrid Client
[2012-06-24 17:50:42 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Thunderbird
[2012-06-28 10:14:25 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\TP
[2012-08-25 15:51:55 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\TS3Client
[2012-11-26 11:29:33 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\uTorrent
[2012-06-21 18:25:25 | 000,000,000 | ---D | M] -- C:\Users\Łuczewski\AppData\Roaming\Zeon

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< :Services >[/color]
[2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 06:08:49 | 000,032,514 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012-04-07 17:23:50 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-04-07 17:23:51 | 000,000,828 | ---- | C] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-06-22 23:03:06 | 000,000,930 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[color=#A23BEC]< Updater Service for StartNow Toolbar >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :OTL >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.defaultengine: "Web Search" >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.defaultenginename: "Web Search" >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search" >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}" >[/color]

[color=#A23BEC]< O2:64bit: - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test64.dll () >[/color]

[color=#A23BEC]< O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) >[/color]

[color=#A23BEC]< O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll () >[/color]

[color=#A23BEC]< O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) >[/color]

[color=#A23BEC]< O2 - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test32.dll () >[/color]

[color=#A23BEC]< O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. >[/color]

[color=#A23BEC]< O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll () >[/color]

[color=#A23BEC]< O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) >[/color]

[color=#A23BEC]< O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.) >[/color]

[color=#A23BEC]< O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. >[/color]

[color=#A23BEC]< O3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [] File not found >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [6] File not found >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [CommandUtilities] C:\Users\Łuczewski\Documents\Windows\svuhost.exe () >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe () >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe () >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsStartupKit] C:\Users\Łuczewski\Documents\Windows\mcheck.exe () >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Winlogon] C:\Users\Łuczewski\Documents\Windows\svchostu.exe () >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found >[/color]

[color=#A23BEC]< O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found >[/color]

[color=#A23BEC]< F3:64bit: - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL) >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< :Files >[/color]

[color=#A23BEC]< C:\Users\Łuczewski\Documents\Windows\winsuchost.exe >[/color]

[color=#A23BEC]< C:\Users\Łuczewski\msdata\explorer.exe >[/color]
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\msdata\explorer.exe

[color=#A23BEC]< C:\Users\Łuczewski\Documents\Windows\miner.dll >[/color]
[2012-11-26 11:42:44 | 000,271,360 | ---- | M] (URIfheu EURIfhe) -- C:\Users\Łuczewski\Documents\Windows\miner.dll

[color=#A23BEC]< C:\Users\Łuczewski\Documents\Windows\usft_ext.dll >[/color]
[2012-11-26 11:42:44 | 000,360,448 | ---- | M] (UREhfuie UIERhfuie) -- C:\Users\Łuczewski\Documents\Windows\usft_ext.dll

[color=#A23BEC]< C:\Windows\test64.dll >[/color]
[2012-11-26 01:02:40 | 000,096,768 | ---- | M] () -- C:\Windows\test64.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#A23BEC]< C:\Windows\test32.dll >[/color]
[2012-11-26 01:02:41 | 000,084,992 | ---- | M] () -- C:\Windows\test32.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#A23BEC]< :Commands >[/color]

[color=#A23BEC]< [emptytemp] >[/color]

< End of report >
[/log]
2)Extras
[log]OTL Extras logfile created on: 2012-11-26 11:45:15 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 72,81% Memory free
15,78 Gb Paging File | 13,38 Gb Available in Paging File | 84,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 23,72 Gb Free Space | 8,49% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 44,54 Gb Free Space | 11,29% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E5CBD3-73E3-410D-890D-D3F48B2653A6}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}" = Windows Live Family Safety
"{0F872589-F781-4EAF-9CBC-BF6A9809F17D}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19E42E62-8C05-42DE-9DC4-C606F9F8927B}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E8F990F-A140-47D4-B266-402E9CF96FC3}" = Windows Live Family Safety
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}" = Windows Live Family Safety
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B96C4CA9-FA40-490C-B3BB-50F84A44694E}" = Windows Live Family Safety
"{BCA3DCDA-170A-44DB-A888-78105ABACF43}" = Windows Live Family Safety
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8F30372-43E3-4720-ABDE-11C95E562B71}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-X64 10.5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{938CFBD4-0652-49E5-BB8B-153948865941}" = ASUS Virtual Touch
"{95030349-3623-4920-89BF-8BEC5EF311C5}_is1" = Hitman Absolution
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALL YouTube Downloader_is1" = ALL YouTube Downloader
"ALLPlayer_is1" = ALLPlayer V5.X
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUSscr_K_NoSound" = ASUSscr_K_NoSound
"AVG Secure Search" = AVG Security Toolbar
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"LiveVDO plugin" = LiveVDO plugin 1.3
"Minecraft Cracked" = Minecraft Cracked
"Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl)
"Mozilla Thunderbird 14.0 (x86 pl)" = Mozilla Thunderbird 14.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"Origin" = Origin
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Sleeping Dogs_is1" = Sleeping Dogs version 1.4
"StartNow Toolbar" = StartNow Toolbar
"Steam App 56400" = Warhammer® 40,000™: Dawn of War® II – Retribution™
"Uplay" = Uplay
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-24 01:46:44 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4992

Error - 2012-11-25 06:21:22 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-25 14:32:29 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-25 14:38:51 | Computer Name = Łuczewskipc | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: swtor.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x50a55767 Nazwa modułu powodującego błąd: MSVCR90.dll, wersja: 9.0.30729.6161,
sygnatura czasowa: 0x4dace5b9 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0003734d
Identyfikator
procesu powodującego błąd: 0xf40 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdcb3b2a6a38e8 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Electronic
Arts\BioWare\Star Wars-The Old Republic\swtor\RetailClient\swtor.exe Ścieżka modułu
powodującego błąd: C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
Identyfikator
raportu: 5aebf110-372f-11e2-8e36-0008caf29752

Error - 2012-11-25 14:38:51 | Computer Name = Łuczewskipc | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: swtor.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x50a55767 Nazwa modułu powodującego błąd: MemoryMan.dll, wersja: 0.0.0.0,
sygnatura czasowa: 0x50a552b2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00005883
Identyfikator
procesu powodującego błąd: 0x1450 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdcb3b2c4e694f Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Electronic
Arts\BioWare\Star Wars-The Old Republic\swtor\RetailClient\swtor.exe Ścieżka modułu
powodującego błąd: C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The
Old Republic\swtor\RetailClient\MemoryMan.dll Identyfikator raportu: 5aec1820-372f-11e2-8e36-0008caf29752

Error - 2012-11-25 17:59:13 | Computer Name = Łuczewskipc | Source = Application Hang | ID = 1002
Description = Program HMA.exe w wersji 1.0.433.1 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: ff8 Godzina rozpoczęcia: 01cdcb57139b439e Godzina zakończenia:
666 Ścieżka aplikacji: C:\Program Files (x86)\Hitman Absolution\HMA.exe Identyfikator
raportu:

Error - 2012-11-25 18:10:29 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-25 19:28:07 | Computer Name = Łuczewskipc | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall

Error - 2012-11-25 19:36:30 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-25 19:58:10 | Computer Name = Łuczewskipc | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: OffSpon.EXE, wersja: 0.0.0.0, sygnatura
czasowa: 0x4b8a345a Nazwa modułu powodującego błąd: sftldr_wow64.dll, wersja: 4.6.2.22610,
sygnatura czasowa: 0x4e85edec Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000460fa
Identyfikator
procesu powodującego błąd: 0x1790 Godzina uruchomienia aplikacji powodującej błąd:
0x01cdcb68b501e881 Ścieżka aplikacji powodującej błąd: Q:\140066.plk\Office14\OffSpon.EXE
Ścieżka
modułu powodującego błąd: C:\Windows\system32\sftldr_wow64.dll Identyfikator raportu:
f6e18e18-375b-11e2-ac9d-0008caf29752

[ System Events ]
Error - 2012-11-16 18:24:49 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-16 21:06:52 | Computer Name = Łuczewskipc | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error - 2012-11-17 08:17:49 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-17 08:17:49 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-17 08:17:51 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy
aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-17 08:17:51 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-17 08:18:27 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-17 08:18:27 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-17 13:48:26 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-17 13:48:26 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891


< End of report >
[/log]

Gość
komentarz
komentarz

Nic nie zapomniałem poprostu korzystałem z prostego edytora :D

Wykonuj pokoleji

1.zainstaluj CCleaner i uruchom cleaner usuń co przedstawi(nie rób nic więcej)

2.Pobierz BlitzBlank

http://download1.emsisoft.com/BlitzBlank.exe
W karcie [b]Script[/b] wklej:
[code]
DeleteFile:
c:\users\Łuczewski\documents\windows\windowsworker.exe
c:\users\Łuczewski\msdata\explorer.exe
c:\users\Łuczewski\documents\windows\usft_ext.dll
c:\users\Łuczewski\documents\windows\miner.dll
c:\users\Łuczewski\documents\windows\svuhost.exe
c:\users\Łuczewski\appdata\roaming\microsoftprotection.exe
c:\users\Łuczewski\msdata\iexplorer.exe
c:\users\Łuczewski\documents\windows\firewall.exe
c:\users\Łuczewski\documents\windows\mcheck.exe
c:\users\Łuczewski\documents\windows\winworker.exe
c:\windows\test32.dll
"c:\users\Łuczewski\documents\windows\svchostu.exe "
c:\windows\test64.dll
DeleteFolder:
"c:\program files (x86)\startnow toolbar"
[/code]
Naciśnij [size=6][b]EXECUTE NOW[/b][/size]


2.Uruchom OTL i w okno [b]własne opcje skanowania/skrypt[/b] wklej:
[code]
:Services
Updater Service for StartNow Toolbar
:OTL
FF - prefs.js..browser.search.defaultengine: "Web Search"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
O2:64bit: - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test64.dll ()
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (Another Update v1.1.5) - {793A557B-65BC-48C3-B6F6-D472C5887C2E} - C:\Windows\test32.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [6] File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe (ALLCinema)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [CommandUtilities] C:\Users\Łuczewski\Documents\Windows\svuhost.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsDefender] C:\Users\Łuczewski\Documents\Windows\firewall.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsStartupKit] C:\Users\Łuczewski\Documents\Windows\mcheck.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsWorker] C:\Users\Łuczewski\Documents\Windows\winworker.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Winlogon] C:\Users\Łuczewski\Documents\Windows\svchostu.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
F3:64bit: - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL)
F3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com (gCemggAcBL)
:Commands
[emptytemp]
[/code]

Kliknij [size=6][b]WYKONAJ SKRYPT[/b][/size]

3.Po tym podaj nowy log z OTL

Janek92brum
komentarz
komentarz

[log]========== SERVICES/DRIVERS ==========
Service Updater Service for StartNow Toolbar stopped successfully!
Service Updater Service for StartNow Toolbar deleted successfully!
========== OTL ==========
Prefs.js: "Web Search" removed from browser.search.defaultengine
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "uTorrentControl2 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{793A557B-65BC-48C3-B6F6-D472C5887C2E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793A557B-65BC-48C3-B6F6-D472C5887C2E}\ deleted successfully.
File C:\Windows\test64.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ deleted successfully.
C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}\ deleted successfully.
File C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}\ deleted successfully.
C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{793A557B-65BC-48C3-B6F6-D472C5887C2E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793A557B-65BC-48C3-B6F6-D472C5887C2E}\ deleted successfully.
File C:\Windows\test32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5911488E-9D1E-40ec-8CBB-06B231CC153F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\ deleted successfully.
File C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{687578b9-7132-4a7a-80e4-30ee31099e03} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
File C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ deleted successfully.
File C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HF_G_Jul deleted successfully.
C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
C:\Program Files (x86)\AVG Secure Search\vprot.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\6 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ALLUpdate deleted successfully.
C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CommandUtilities deleted successfully.
File C:\Users\Łuczewski\Documents\Windows\svuhost.exe not found.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftProtection deleted successfully.
File C:\Users\Łuczewski\AppData\Roaming\MicrosoftProtection.exe not found.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Explorer deleted successfully.
C:\Users\Łuczewski\msdata\iexplorer.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsDefender deleted successfully.
File C:\Users\Łuczewski\Documents\Windows\firewall.exe not found.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsStartupKit deleted successfully.
File C:\Users\Łuczewski\Documents\Windows\mcheck.exe not found.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWorker deleted successfully.
File C:\Users\Łuczewski\Documents\Windows\winworker.exe not found.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Winlogon deleted successfully.
C:\Users\Łuczewski\Documents\Windows\svchostu.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com moved successfully.
64bit-Registry delete failed. HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com scheduled to be deleted on reboot.
File C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com not found.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 11272012_131024

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
64bit-Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\UCZEWS~1\LOCALS~1\Temp\msaauzi.com deleted successfully.
[/log]

Gość
komentarz
komentarz (edytowane)

prosiłem o nowy log z OTL
pozatym masz do wykonania jeszcze:

1. Start > w polu szukania wpisz cmd > z prawokliku Uruchom jako Administrator. Wklej komendę:

sfc /scanfile=C:\Windows\system32\services.exe

Naciśnij enter.

Zresetuj system.

2. Start > w polu szukania wpisz cmd > z prawokliku Uruchom jako Administrator. Wklej komendę:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >sfc.txt & start notepad sfc.txt

Otworzy się log, dołącz go.

3>Start> w polu szukania wpisz cmd> z prawokliku Uruchom jako Administrator>wklej komendę:

netsh winsock reset

Naciśnij enter.

zresetu system

4.Pobierz Services repair: [url="http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe"]Klik[/url]
uruchom jak zakończy swoją działalność to zresetuj komputer.

5.Wykonaj log z Farbar Service Scanner > [url="http://download.bleepingcomputer.com/farbar/FSS.exe"]http://download.blee.../farbar/FSS.exe[/url] (do skanowania zaznacz wszystko).

6.Wykonaj nowy log z OTL

Janek92brum
komentarz
komentarz (edytowane)

otl o który prosiłeś
OTL [log]OTL logfile created on: 2012-11-28 22:13:42 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 76,22% Memory free
15,78 Gb Paging File | 13,67 Gb Available in Paging File | 86,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 13,27 Gb Free Space | 4,75% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 33,33 Gb Free Space | 8,45% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-11-28 22:07:50 | 000,046,080 | ---- | M] (HEWGBhyj HJERe) -- C:\Users\Łuczewski\Documents\Windows\windowsworker.exe
PRC - [2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
PRC - [2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
PRC - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
PRC - [2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\msdata\explorer.exe
PRC - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-11-14 03:11:00 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
PRC - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
PRC - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
PRC - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 02:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
PRC - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
MOD - [2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
MOD - [2012-11-14 03:10:59 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
MOD - [2012-11-14 03:10:58 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
MOD - [2012-11-14 03:10:57 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
MOD - [2012-11-14 03:10:12 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libglesv2.dll
MOD - [2012-11-14 03:10:11 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libegl.dll
MOD - [2012-11-14 03:10:04 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avutil-51.dll
MOD - [2012-11-14 03:10:03 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avformat-54.dll
MOD - [2012-11-14 03:10:02 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avcodec-54.dll
MOD - [2012-06-23 09:24:47 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012-06-23 09:13:09 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-06-23 09:12:51 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-23 09:12:46 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-06-23 09:12:33 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-06-23 09:12:30 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-06-23 09:12:25 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-05-30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:[b]64bit:[/b] - [2011-03-04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-09-17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-21 12:00:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-16 21:09:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 08:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011-12-29 23:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012-10-02 23:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-05-31 05:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 08:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 03:31:14 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-19 19:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-01-11 05:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-28 08:15:50 | 000,292,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-23 04:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-12-21 22:15:56 | 000,035,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-11-08 03:48:28 | 000,016,512 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://asus.msn.com"]http://asus.msn.com[/url]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox"]http://www.bing.com/...rc=IE-SearchBox[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/?aff=2&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752"]http://startsear.ch/...98-0008caf29752[/url]
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox"]http://www.bing.com/...rc=IE-SearchBox[/url]
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}"]http://startsear.ch/...q={searchTerms}[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://asus.msn.com"]http://asus.msn.com[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://asus.msn.com"]http://asus.msn.com[/url]

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://asus.msn.com"]http://asus.msn.com[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="https://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21"]https://isearch.avg....sa&d=2012-06-21[/url] 16:26:30&v=12.2.5.32&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [url="http://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21"]http://isearch.avg.c...sa&d=2012-06-21[/url] 16:26:30&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = [url="http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120711&user_guid=AFCCE6B745DF4E30BBBF417FDD48D994&machine_id=ec080796f5004ab7455755a0b4f5c227&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}"]http://klit.startnow...eferrer:source}[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}"]http://startsear.ch/...q={searchTerms}[/url]
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{98DB4022-589B-40F9-B822-84C3AD18B2CD}: "URL" = [url="https://isearch.avg.com/search?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21"]https://isearch.avg....sa&d=2012-06-21[/url] 16:26:30&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {862FF4F2-E810-11E0-8FEF-D73D4824019B}:1.1.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011-10-20 00:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 22:20:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-11-07 23:29:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]

[2012-06-21 21:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Extensions
[2012-11-27 13:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions
[2012-08-30 10:29:32 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012-11-15 15:38:29 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-11-08 00:06:48 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org
[2012-11-08 00:07:04 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-06-22 17:10:04 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-10-28 12:28:23 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-11-27 13:08:15 | 000,185,911 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-06-07 20:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\conduit.xml
[2012-09-15 20:34:56 | 000,000,792 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\startsear.xml
[2012-07-11 17:06:27 | 000,001,390 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\yahoo-zugo.xml
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.XPI
[2012-11-16 21:09:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-10-27 14:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012-06-15 00:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-08 22:20:31 | 000,003,574 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-15 00:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 00:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 00:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 00:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 00:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Angry Birds = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: From Dust = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: Pogoda (rozszerzenie) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\
CHR - Extension: Lot = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijifgbfkfcalmnndkdaoefpdbkpolij\2.0.0_0\
CHR - Extension: Another Update = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bipiocmkdofpgpdebagkjpgcpbjmbgkn\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adventure Time with Finn and Jake = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocngmpdkbemndadokjpgkhhjihadopd\1.7_0\
CHR - Extension: Kingdom Rush = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.0.7.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Cut the Rope = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: Go Home Dinosaurs (Beta) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icefnknicgejiphafapflechfoeelbeo\1.0.0.8_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: uTorrentControl2 = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.17.1_0\
CHR - Extension: LiveVDO plugin = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Gmail = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:[b]64bit:[/b] - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [HostServices] C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\svccost.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsDefender] C:\Users\Łuczewski\Documents\Windows\firewall.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsWorker] C:\Users\Łuczewski\Documents\Windows\winworker.exe ()
F3:[b]64bit:[/b] - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd (kaUGiNoqjX)
F3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd (kaUGiNoqjX)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDAE1432-797B-4373-8C50-8015FD4769B8}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-30 00:28:45 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-28 22:07:49 | 000,000,000 | R--D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-11-28 00:16:29 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-11-28 00:16:29 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-11-28 00:16:29 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-11-28 00:16:29 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-11-28 00:16:29 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-11-28 00:16:29 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012-11-28 00:16:29 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-11-28 00:16:29 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-11-28 00:16:29 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-11-28 00:16:29 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012-11-28 00:16:29 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012-11-28 00:16:29 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-11-28 00:16:29 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-11-28 00:16:29 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-11-28 00:16:29 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-11-28 00:16:29 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012-11-28 00:16:29 | 000,030,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012-11-27 18:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed III
[2012-11-27 18:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Assassins Creed III
[2012-11-27 15:27:48 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012-11-27 14:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012-11-27 13:58:41 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Theta
[2012-11-27 13:10:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-27 12:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-11-27 12:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-11-26 01:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
[2012-11-26 00:21:32 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-11-26 00:20:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012-11-25 22:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution
[2012-11-25 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Desktop\notatki fizyka
[2012-11-24 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Windows
[2012-11-23 00:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-23 00:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-22 17:42:35 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed III
[2012-11-22 17:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012-11-22 01:33:09 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\msdata
[2012-11-21 22:52:16 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\Drivers
[2012-11-21 11:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\SWTOR
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\HeroBlade Logs
[2012-11-16 21:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012-11-16 21:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-11-16 21:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-08 00:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader
[2012-11-08 00:06:08 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Programs
[2012-11-08 00:00:52 | 000,000,000 | ---D | C] -- C:\ASUS WebStorage
[2012-11-07 23:59:45 | 000,000,000 | ---D | C] -- C:\AVG Secure Search
[2012-11-07 23:59:42 | 000,000,000 | ---D | C] -- C:\Urządzenia Bluetooth
[2012-11-07 23:59:36 | 000,000,000 | ---D | C] -- C:\Atheros
[2012-11-07 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-07 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012-11-07 23:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-07 23:27:52 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012-11-07 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-28 22:07:58 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-11-28 22:07:48 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-28 22:06:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-28 21:47:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-28 21:47:52 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-28 21:42:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-28 21:40:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-28 21:40:22 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
[2012-11-28 21:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-11-27 18:22:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Assassins Creed III.lnk
[2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
[2012-11-27 12:54:15 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-26 11:39:12 | 000,000,258 | ---- | M] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-23 00:39:57 | 000,002,301 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512993
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512284
[2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-21 12:00:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-11-21 12:00:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-16 21:38:03 | 000,001,441 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:55:31 | 001,694,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-09 14:55:31 | 000,749,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-09 14:55:31 | 000,664,012 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-09 14:55:31 | 000,158,582 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-09 14:55:31 | 000,125,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-09 14:51:03 | 001,363,641 | ---- | M] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012-11-08 00:07:15 | 000,000,976 | ---- | M] () -- C:\Users\Łuczewski\Desktop\NapiProjekt.lnk
[2012-11-08 00:07:04 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-08 00:07:00 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\ALL Media Server.lnk
[2012-11-08 00:06:53 | 000,001,025 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ALLPlayer.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-28 21:22:09 | 000,202,240 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
[2012-11-27 18:22:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Assassins Creed III.lnk
[2012-11-27 15:46:08 | 000,434,688 | -HS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
[2012-11-27 12:54:15 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-26 11:39:12 | 000,000,258 | ---- | C] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-23 00:39:57 | 000,002,301 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512993
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512284
[2012-11-16 21:38:03 | 000,001,441 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:51:02 | 001,363,641 | ---- | C] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 00:07:04 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | C] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-27 16:52:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-11 17:06:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-06-21 16:58:37 | 000,000,380 | ---- | C] () -- C:\Users\Łuczewski\AppData\Roaming\sp_data.sys
[2012-06-21 15:24:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-21 15:24:40 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-03-13 10:08:55 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-03-13 10:08:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-03-13 10:08:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-13 10:08:45 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-10-20 00:00:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011-10-19 23:42:45 | 001,719,502 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012-11-28 21:40:37 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012-11-28 21:40:37 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-2425613530-3582171222-2280058672-1001\$671c68d993da727758a32c6e0ca12e1b\n. -- File not found

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\$RECYCLE.BIN\S-1-5-18\$671c68d993da727758a32c6e0ca12e1b\n -- File not found
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
[/log]
extras
[log]OTL Extras logfile created on: 2012-11-28 22:13:42 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 6,01 Gb Available Physical Memory | 76,22% Memory free
15,78 Gb Paging File | 13,67 Gb Available in Paging File | 86,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 13,27 Gb Free Space | 4,75% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 33,33 Gb Free Space | 8,45% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E5CBD3-73E3-410D-890D-D3F48B2653A6}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}" = Windows Live Family Safety
"{0F872589-F781-4EAF-9CBC-BF6A9809F17D}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19E42E62-8C05-42DE-9DC4-C606F9F8927B}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E8F990F-A140-47D4-B266-402E9CF96FC3}" = Windows Live Family Safety
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}" = Windows Live Family Safety
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B96C4CA9-FA40-490C-B3BB-50F84A44694E}" = Windows Live Family Safety
"{BCA3DCDA-170A-44DB-A888-78105ABACF43}" = Windows Live Family Safety
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8F30372-43E3-4720-ABDE-11C95E562B71}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 10.5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{938CFBD4-0652-49E5-BB8B-153948865941}" = ASUS Virtual Touch
"{95030349-3623-4920-89BF-8BEC5EF311C5}_is1" = Hitman Absolution
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed ® III
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B810D852-DFD6-ACIII-89A5-CC4D47756DAF}_is1" = Assassins Creed III version 5.1
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALL YouTube Downloader_is1" = ALL YouTube Downloader
"ALLPlayer_is1" = ALLPlayer V5.X
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUSscr_K_NoSound" = ASUSscr_K_NoSound
"AVG Secure Search" = AVG Security Toolbar
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"LiveVDO plugin" = LiveVDO plugin 1.3
"Minecraft Cracked" = Minecraft Cracked
"Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl)
"Mozilla Thunderbird 14.0 (x86 pl)" = Mozilla Thunderbird 14.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"Origin" = Origin
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Sleeping Dogs_is1" = Sleeping Dogs version 1.4
"StartNow Toolbar" = StartNow Toolbar
"Steam App 56400" = Warhammer® 40,000™: Dawn of War® II – Retribution™
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-28 06:05:00 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-28 06:05:00 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6006

Error - 2012-11-28 06:05:00 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006

Error - 2012-11-28 06:05:01 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-28 06:05:01 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7020

Error - 2012-11-28 06:05:01 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7020

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8034

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8034

Error - 2012-11-28 16:50:40 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


[ System Events ]
Error - 2012-11-23 06:12:23 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-23 15:50:41 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-23 15:50:41 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-23 15:50:43 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy
aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-23 15:50:43 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-23 15:51:30 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-23 15:51:30 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-23 20:18:08 | Computer Name = Łuczewskipc | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error - 2012-11-24 09:06:09 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-24 09:06:09 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891


< End of report >
[/log]
log z podpunktu 2 [log]2012-11-28 22:33:22, Info CSI 00000009 [SR] Verifying 1 components
2012-11-28 22:33:22, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2012-11-28 22:33:23, Info CSI 0000000c [SR] Verify complete
[/log]
log z fss [log]
reszte za raz dodamFarbar Service Scanner Version: 09-11-2012
Ran by Łuczewski (administrator) on 28-11-2012 at 22:53:19
Running from "C:\Users\Łuczewski\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****[/log]

i swiezy otl [log]OTL logfile created on: 2012-11-28 22:55:37 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,94% Memory free
15,78 Gb Paging File | 13,27 Gb Available in Paging File | 84,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 13,26 Gb Free Space | 4,75% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 33,33 Gb Free Space | 8,45% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-11-28 22:51:28 | 000,046,080 | ---- | M] (HEWGBhyj HJERe) -- C:\Users\Łuczewski\Documents\Windows\windowsworker.exe
PRC - [2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
PRC - [2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
PRC - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
PRC - [2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\msdata\explorer.exe
PRC - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-11-14 03:11:00 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-08-20 08:39:39 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
PRC - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 02:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-31 22:24:32 | 000,658,560 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
PRC - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
PRC - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
MOD - [2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
MOD - [2012-11-14 03:10:59 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
MOD - [2012-11-14 03:10:58 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
MOD - [2012-11-14 03:10:57 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
MOD - [2012-11-14 03:10:12 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libglesv2.dll
MOD - [2012-11-14 03:10:11 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libegl.dll
MOD - [2012-11-14 03:10:04 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avutil-51.dll
MOD - [2012-11-14 03:10:03 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avformat-54.dll
MOD - [2012-11-14 03:10:02 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avcodec-54.dll
MOD - [2012-10-25 15:27:10 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-10-25 15:27:04 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-10-25 15:27:04 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012-10-25 15:27:04 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-10-25 15:27:04 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-06-23 09:24:47 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012-06-23 09:13:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012-06-23 09:13:09 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-06-23 09:13:00 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012-06-23 09:12:51 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-23 09:12:46 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-06-23 09:12:43 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012-06-23 09:12:36 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-06-23 09:12:33 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-06-23 09:12:30 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-06-23 09:12:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-06-23 09:12:25 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-05-30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012-03-04 21:22:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2012-01-31 22:24:42 | 000,049,792 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\RecoveryDVDLang.dll
MOD - [2011-12-19 17:41:44 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Recovery\DiskInfo.dll
MOD - [2011-02-19 06:30:35 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pl_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010-11-20 13:19:58 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:[b]64bit:[/b] - [2011-03-04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-09-17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-21 12:00:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-16 21:09:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 08:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011-12-29 23:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-11-20 13:21:38 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012-10-02 23:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-05-31 05:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 08:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 03:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-19 19:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-01-11 05:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-28 08:15:50 | 000,292,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-23 04:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-12-21 22:15:56 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-11-08 03:48:28 | 000,016,512 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=2&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120711&user_guid=AFCCE6B745DF4E30BBBF417FDD48D994&machine_id=ec080796f5004ab7455755a0b4f5c227&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{98DB4022-589B-40F9-B822-84C3AD18B2CD}: "URL" = https://isearch.avg.com/search?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {862FF4F2-E810-11E0-8FEF-D73D4824019B}:1.1.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011-10-20 00:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 22:20:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-11-07 23:29:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]

[2012-06-21 21:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Extensions
[2012-11-27 13:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions
[2012-08-30 10:29:32 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012-11-15 15:38:29 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-11-08 00:06:48 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org
[2012-11-08 00:07:04 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-06-22 17:10:04 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-10-28 12:28:23 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-11-27 13:08:15 | 000,185,911 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-06-07 20:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\conduit.xml
[2012-09-15 20:34:56 | 000,000,792 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\startsear.xml
[2012-07-11 17:06:27 | 000,001,390 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\yahoo-zugo.xml
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.XPI
[2012-11-16 21:09:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-10-27 14:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012-06-15 00:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-08 22:20:31 | 000,003,574 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-15 00:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 00:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 00:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 00:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 00:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Angry Birds = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: From Dust = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: Pogoda (rozszerzenie) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\
CHR - Extension: Lot = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijifgbfkfcalmnndkdaoefpdbkpolij\2.0.0_0\
CHR - Extension: Another Update = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bipiocmkdofpgpdebagkjpgcpbjmbgkn\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adventure Time with Finn and Jake = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocngmpdkbemndadokjpgkhhjihadopd\1.7_0\
CHR - Extension: Kingdom Rush = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.0.7.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Cut the Rope = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: Go Home Dinosaurs (Beta) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icefnknicgejiphafapflechfoeelbeo\1.0.0.8_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: uTorrentControl2 = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.17.1_0\
CHR - Extension: LiveVDO plugin = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Gmail = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:[b]64bit:[/b] - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [HostServices] C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\svccost.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Windows Explorer] C:\Users\Łuczewski\msdata\iexplorer.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsDefender] C:\Users\Łuczewski\Documents\Windows\firewall.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsWorker] C:\Users\Łuczewski\Documents\Windows\winworker.exe ()
F3:[b]64bit:[/b] - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd (kaUGiNoqjX)
F3 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001 WinNT: Load - (C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd) - C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd (kaUGiNoqjX)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDAE1432-797B-4373-8C50-8015FD4769B8}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-30 00:28:45 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-28 22:52:05 | 000,000,000 | R--D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-11-28 22:50:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012-11-28 00:16:29 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-11-28 00:16:29 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-11-28 00:16:29 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-11-28 00:16:29 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-11-28 00:16:29 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-11-28 00:16:29 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012-11-28 00:16:29 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-11-28 00:16:29 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-11-28 00:16:29 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-11-28 00:16:29 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012-11-28 00:16:29 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012-11-28 00:16:29 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-11-28 00:16:29 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-11-28 00:16:29 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-11-28 00:16:29 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-11-28 00:16:29 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012-11-28 00:16:29 | 000,030,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012-11-27 18:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed III
[2012-11-27 18:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Assassins Creed III
[2012-11-27 15:27:48 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012-11-27 14:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012-11-27 13:58:41 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Theta
[2012-11-27 13:10:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-27 12:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-11-27 12:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-11-26 01:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
[2012-11-26 00:21:32 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-11-26 00:20:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012-11-25 22:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution
[2012-11-25 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Desktop\notatki fizyka
[2012-11-24 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Windows
[2012-11-23 00:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-23 00:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-22 17:42:35 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed III
[2012-11-22 17:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012-11-22 01:33:09 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\msdata
[2012-11-21 22:52:16 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\Drivers
[2012-11-21 11:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\SWTOR
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\HeroBlade Logs
[2012-11-16 21:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012-11-16 21:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-11-16 21:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-08 00:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader
[2012-11-08 00:06:08 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Programs
[2012-11-08 00:00:52 | 000,000,000 | ---D | C] -- C:\ASUS WebStorage
[2012-11-07 23:59:45 | 000,000,000 | ---D | C] -- C:\AVG Secure Search
[2012-11-07 23:59:42 | 000,000,000 | ---D | C] -- C:\Urządzenia Bluetooth
[2012-11-07 23:59:36 | 000,000,000 | ---D | C] -- C:\Atheros
[2012-11-07 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-07 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012-11-07 23:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-07 23:27:52 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012-11-07 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-28 22:51:29 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-28 22:51:24 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-11-28 22:51:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-28 22:51:09 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-28 22:43:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-28 22:43:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-28 22:42:17 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-28 22:06:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
[2012-11-28 21:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-11-27 18:22:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Assassins Creed III.lnk
[2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
[2012-11-27 12:54:15 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-26 11:39:12 | 000,000,258 | ---- | M] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-23 00:39:57 | 000,002,301 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512993
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:09 | 000,056,832 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\tep512284
[2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-21 12:00:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-11-21 12:00:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-16 21:38:03 | 000,001,441 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:55:31 | 001,694,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-09 14:55:31 | 000,749,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-09 14:55:31 | 000,664,012 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-09 14:55:31 | 000,158,582 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-09 14:55:31 | 000,125,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-09 14:51:03 | 001,363,641 | ---- | M] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012-11-08 00:07:15 | 000,000,976 | ---- | M] () -- C:\Users\Łuczewski\Desktop\NapiProjekt.lnk
[2012-11-08 00:07:04 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-08 00:07:00 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\ALL Media Server.lnk
[2012-11-08 00:06:53 | 000,001,025 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ALLPlayer.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-28 21:22:09 | 000,202,240 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
[2012-11-27 18:22:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Assassins Creed III.lnk
[2012-11-27 15:46:08 | 000,434,688 | -HS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
[2012-11-27 12:54:15 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-26 11:39:12 | 000,000,258 | ---- | C] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-23 00:39:57 | 000,002,301 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512993
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512650
[2012-11-22 01:33:04 | 000,056,832 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\tep512284
[2012-11-16 21:38:03 | 000,001,441 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012-11-09 14:51:02 | 001,363,641 | ---- | C] () -- C:\Users\Łuczewski\Desktop\chemikalia.pdf
[2012-11-08 00:07:04 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\ALL YouTube Downloader.lnk
[2012-11-07 23:29:08 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012-11-07 23:28:05 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | C] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-27 16:52:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-11 17:06:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-06-21 16:58:37 | 000,000,380 | ---- | C] () -- C:\Users\Łuczewski\AppData\Roaming\sp_data.sys
[2012-06-21 15:24:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-21 15:24:40 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-03-13 10:08:55 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-03-13 10:08:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-03-13 10:08:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-13 10:08:45 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-10-20 00:00:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011-10-19 23:42:45 | 001,719,502 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012-11-28 22:51:22 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012-11-28 22:51:22 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\$Recycle.Bin\S-1-5-21-2425613530-3582171222-2280058672-1001\$671c68d993da727758a32c6e0ca12e1b\n. -- File not found

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\$RECYCLE.BIN\S-1-5-18\$671c68d993da727758a32c6e0ca12e1b\n -- File not found
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
[/log]
extras [log]OTL Extras logfile created on: 2012-11-28 22:55:37 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,94% Memory free
15,78 Gb Paging File | 13,27 Gb Available in Paging File | 84,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 13,26 Gb Free Space | 4,75% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 33,33 Gb Free Space | 8,45% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5DAF3B95-DFF0-4AC9-A252-D9E9220FBE34}" = protocol=58 | dir=in | app=system |
"{ED5FA4B6-2588-46CC-915D-DCFA813375CF}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"TCP Query User{35356CCB-8939-4044-B4EA-A73059D53BE1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{2AB85C3D-239F-4760-9D5F-2A934007FD3D}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E5CBD3-73E3-410D-890D-D3F48B2653A6}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}" = Windows Live Family Safety
"{0F872589-F781-4EAF-9CBC-BF6A9809F17D}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19E42E62-8C05-42DE-9DC4-C606F9F8927B}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E8F990F-A140-47D4-B266-402E9CF96FC3}" = Windows Live Family Safety
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}" = Windows Live Family Safety
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B96C4CA9-FA40-490C-B3BB-50F84A44694E}" = Windows Live Family Safety
"{BCA3DCDA-170A-44DB-A888-78105ABACF43}" = Windows Live Family Safety
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8F30372-43E3-4720-ABDE-11C95E562B71}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 10.5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{938CFBD4-0652-49E5-BB8B-153948865941}" = ASUS Virtual Touch
"{95030349-3623-4920-89BF-8BEC5EF311C5}_is1" = Hitman Absolution
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed ® III
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B810D852-DFD6-ACIII-89A5-CC4D47756DAF}_is1" = Assassins Creed III version 5.1
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALL YouTube Downloader_is1" = ALL YouTube Downloader
"ALLPlayer_is1" = ALLPlayer V5.X
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUSscr_K_NoSound" = ASUSscr_K_NoSound
"AVG Secure Search" = AVG Security Toolbar
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"LiveVDO plugin" = LiveVDO plugin 1.3
"Minecraft Cracked" = Minecraft Cracked
"Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl)
"Mozilla Thunderbird 14.0 (x86 pl)" = Mozilla Thunderbird 14.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"Origin" = Origin
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Sleeping Dogs_is1" = Sleeping Dogs version 1.4
"StartNow Toolbar" = StartNow Toolbar
"Steam App 56400" = Warhammer® 40,000™: Dawn of War® II – Retribution™
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-28 06:05:00 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006

Error - 2012-11-28 06:05:01 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-28 06:05:01 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7020

Error - 2012-11-28 06:05:01 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7020

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8034

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8034

Error - 2012-11-28 16:50:40 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 17:44:41 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 18:01:29 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


[ System Events ]
Error - 2012-11-25 14:22:24 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-25 14:24:31 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-25 14:24:31 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-25 14:24:56 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-25 14:24:56 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-25 17:40:49 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-25 17:41:11 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-25 17:41:11 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-25 17:47:27 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-25 17:47:27 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5


< End of report >
[/log]

Gość
komentarz
komentarz (edytowane)

Jasny gwint znowu komp zainfekowany sirefefem cała robota poszła na marne zapewne odwiedzasz jakąś stronę która ci dziadostwo instaluje (ostatnio meczyki.pl)

1. Otwórz Notatnik i wklej w nim:
[code]
reg delete HKCU\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} /f
reg add HKLM\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 /ve /t REG_EXPAND_SZ /d %%systemroot%%\system32\wbem\fastprox.dll /f
[/code]

Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz jako FIX.BAT

Kliknij prawym na plik i wybierz opcję Uruchom jako Administrator. Konieczny restart komputera, by odładować z pamięci ZeroAccess.

2. Otwórz Notatnik i wklej w nim:

[code]
icacls C:\$Recycle.Bin\S-1-5-18 /grant Wszyscy:F /T
icacls C:\$Recycle.Bin\S-1-5-21-2425613530-3582171222-2280058672-1001\$671c68d993da727758a32c6e0ca12e1b /grant Wszyscy:F /T
rd /s /q C:\$Recycle.Bin
del /q C:\Windows\assembly\GAC_32\Desktop.ini
del /q C:\Windows\assembly\GAC_64\Desktop.ini
netsh winsock reset
pause
[/code]

Z menu Notatnika > Plik > Zapisz jako > Ustaw rozszerzenie na Wszystkie pliki > Zapisz jako FIX.BAT

Kliknij prawym na plik i wybierz opcję Uruchom jako Administrator. Konieczny restart komputera, by dokończyć reset Winsock naruszony przez ZeroAccess.



Zabootuj do trybu awaryjnego z obsługą sieci i pobierz Malwarebytes anti-malware(zgódź się na okres testowy) zaaktualizuj i zrób pełne skanowanie komputera co znajdzie przenieś do kwarantanny i podaj log ze skanowania.

Podaj nowy log z OTL

Janek92brum
komentarz
komentarz (edytowane)

czy ten virus lub virusy mogą być przyczyną głośniejszego pracowania laptopa oraz mocnego nagrzewania ?
teraz za każdym razem włączać w tym trybie ? zauważyłem że nawet laptop chodzi ciszej ... nie wiem czy ma to jakikolwiek sens czy powiązanie z sobą :P mam program który pokazuje temp rdzeni procesora i w trybie awaryjnym nie przekracza 60 ' a w normalnym sięga momentami 90'
log z skanowania [log]Malwarebytes Anti-Malware (Okres testowy) 1.65.1.1000
www.malwarebytes.org

Wersja bazy: v2012.11.28.10

Windows 7 Service Pack 1 x64 NTFS (Tryb Awaryjny z dostępem do sieci)
Internet Explorer 9.0.8112.16421
Łuczewski :: LUCZEWSKIPC [administrator]

Ochrona: Wyłączona

2012-11-29 00:41:58
mbam-log-2012-11-29 (00-41-58).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania: P2P
Przeskanowano obiektów: 434179
Upłynęło: 38 minut(y), 55 sekund(y)

Wykrytych procesów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych modułów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru: 6
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Nie wykonano akcji.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Nie wykonano akcji.

Wykrytych wartości rejestru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Explorer (Trojan.MSIL) -> Data: C:\Users\Łuczewski\msdata\iexplorer.exe -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\UCZEWS~1\LOCALS~1\Temp\msfwfy.cmd -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.

Wykryte wpisy rejestru systemowego: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Złe: ([url="http://startsear.ch/?aff=2&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752"]http://startsear.ch/...98-0008caf29752[/url]) Dobre: ([url="http://www.google.com"]http://www.google.com[/url]) -> Dodanie do kwarantanny i naprawa pliku zakończyły się powodzeniem.

wykrytych folderów: 0
(Nie znaleziono zagrożeń)

Wykrytych plików: 40
C:\Users\Łuczewski\msdata\iexplorer.exe (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Program Files (x86)\Square Enix\Hitman Sniper Challenge\skidrow.dll (Trojan.Midhos) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Program Files (x86)\Steam\Steam.exe -silent (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N5QR04HL\main[1].txt (Trojan.BitMiner) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\AppData\Local\Temp\Temporary Internet Files\Content.IE5\TI7ZW9Y0\main[1].txt (Trojan.BitMiner) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\AppData\Roaming\tep512284 (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\AppData\Roaming\tep512650 (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\AppData\Roaming\tep512993 (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Documents\Windows\miner.dll (PUP.BitCoinMiner) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Documents\Windows\msnotepad.exe (Trojan.BitMiner) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Documents\Windows\windowsworker.exe (Trojan.BitMiner) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Drivers\explorer.exe (Spyware.Password) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Drivers\msconfig.exe (Spyware.Password) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Drivers\steamupdate.exe (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msbyiyy.com (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\mscgxow.bat (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\mseorad.com (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msfevw.cmd (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\mshsoue.bat (Trojan.Inject) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msmwzvios.pif (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msokeas.com (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msqaepoo.com (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msqiuzrm.scr (Trojan.Onlinegames) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msqlxynh.scr (Backdoor.Messa) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msrviaf.com (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msuyuoi.bat (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msvnftfir.exe (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\mswhio.exe (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\mswkwvz.com (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msyzizi.bat (Backdoor.Messa) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\mszaxfea.scr (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Local Settings\Temp\msziaa.cmd (Heuristics.Shuriken) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\msdata\explorer.exe (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\msdata\halo4.exe (Trojan.VBInject) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\msdata\uplay.exe (Trojan.VBInject) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\msdata\uplayv2.exe (Trojan.VBInject) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\_OTL\MovedFiles\11272012_131024\C_Users\Łuczewski\Documents\Windows\svchostu.exe (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\_OTL\MovedFiles\11272012_131024\C_Users\Łuczewski\msdata\iexplorer.exe (Trojan.MSIL) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
D:\gry\Mass Effect 2 [PC ~ Multi6] (Razor1911)\Razor1911\keygen.exe (Trojan.Downloader) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.
C:\Users\Łuczewski\Documents\Windows\usft_ext.dll (Trojan.Agent) -> Dodanie do kwarantanny i usunięcie pliku zakończyły się powodzeniem.

(zakończone)
[/log]

i za każdym razem jak od jakiegos czasu wlaczam laptopa to ładuje się jakis lfthost , co to jest ?
i otl [log]OTL logfile created on: 2012-11-29 01:38:24 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,77 Gb Available Physical Memory | 73,20% Memory free
15,78 Gb Paging File | 13,43 Gb Available in Paging File | 85,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 117,13 Gb Free Space | 41,91% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 197,84 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
PRC - [2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
PRC - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
PRC - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-11-14 03:11:00 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-09-29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-08-20 08:39:39 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
PRC - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 02:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
PRC - [2011-10-19 23:59:44 | 003,331,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe
PRC - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
MOD - [2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
MOD - [2012-11-14 03:10:59 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
MOD - [2012-11-14 03:10:57 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
MOD - [2012-11-14 03:10:12 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libglesv2.dll
MOD - [2012-11-14 03:10:11 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libegl.dll
MOD - [2012-11-14 03:10:04 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avutil-51.dll
MOD - [2012-11-14 03:10:03 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avformat-54.dll
MOD - [2012-11-14 03:10:02 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avcodec-54.dll
MOD - [2012-10-25 15:27:10 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-10-25 15:27:04 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-10-25 15:27:04 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012-10-25 15:27:04 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-10-25 15:27:04 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-06-23 09:24:47 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012-06-23 09:13:09 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-06-23 09:12:51 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-23 09:12:46 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-06-23 09:12:33 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-06-23 09:12:30 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-06-23 09:12:25 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-05-30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012-03-04 21:22:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:[b]64bit:[/b] - [2011-03-04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-09-17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-21 12:00:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-16 21:09:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 08:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011-12-29 23:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-11-20 13:21:38 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012-10-02 23:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-05-31 05:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 08:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 03:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-19 19:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-01-11 05:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-28 08:15:50 | 000,292,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-23 04:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-12-21 22:15:56 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-11-08 03:48:28 | 000,016,512 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120711&user_guid=AFCCE6B745DF4E30BBBF417FDD48D994&machine_id=ec080796f5004ab7455755a0b4f5c227&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{98DB4022-589B-40F9-B822-84C3AD18B2CD}: "URL" = https://isearch.avg.com/search?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {862FF4F2-E810-11E0-8FEF-D73D4824019B}:1.1.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011-10-20 00:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 22:20:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-11-07 23:29:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]

[2012-06-21 21:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Extensions
[2012-11-27 13:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions
[2012-08-30 10:29:32 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012-11-15 15:38:29 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-11-08 00:06:48 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org
[2012-11-08 00:07:04 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-06-22 17:10:04 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-10-28 12:28:23 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-11-27 13:08:15 | 000,185,911 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-06-07 20:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\conduit.xml
[2012-09-15 20:34:56 | 000,000,792 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\startsear.xml
[2012-07-11 17:06:27 | 000,001,390 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\yahoo-zugo.xml
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.XPI
[2012-11-16 21:09:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-10-27 14:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012-06-15 00:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-08 22:20:31 | 000,003,574 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-15 00:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 00:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 00:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 00:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 00:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Angry Birds = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: From Dust = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: Pogoda (rozszerzenie) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\
CHR - Extension: Lot = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijifgbfkfcalmnndkdaoefpdbkpolij\2.0.0_0\
CHR - Extension: Another Update = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bipiocmkdofpgpdebagkjpgcpbjmbgkn\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adventure Time with Finn and Jake = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocngmpdkbemndadokjpgkhhjihadopd\1.7_0\
CHR - Extension: Kingdom Rush = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.0.7.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Cut the Rope = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: Go Home Dinosaurs (Beta) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icefnknicgejiphafapflechfoeelbeo\1.0.0.8_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: uTorrentControl2 = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.17.1_0\
CHR - Extension: LiveVDO plugin = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Gmail = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:[b]64bit:[/b] - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [HostServices] C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] C:\Users\Łuczewski\AppData\Roaming\svccost.exe ()
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsDefender] C:\Users\Łuczewski\Documents\Windows\firewall.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsWorker] C:\Users\Łuczewski\Documents\Windows\winworker.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - mswsock.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDAE1432-797B-4373-8C50-8015FD4769B8}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-30 00:28:45 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-29 01:36:20 | 000,000,000 | R--D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-11-29 00:40:30 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Malwarebytes
[2012-11-29 00:40:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-11-29 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-11-29 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-11-29 00:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-11-29 00:29:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-11-29 00:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012-11-28 23:33:15 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-28 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-28 23:33:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012-11-28 22:50:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012-11-28 00:16:29 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-11-28 00:16:29 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-11-28 00:16:29 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-11-28 00:16:29 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-11-28 00:16:29 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-11-28 00:16:29 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012-11-28 00:16:29 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-11-28 00:16:29 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-11-28 00:16:29 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-11-28 00:16:29 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012-11-28 00:16:29 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012-11-28 00:16:29 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-11-28 00:16:29 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-11-28 00:16:29 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-11-28 00:16:29 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-11-28 00:16:29 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012-11-28 00:16:29 | 000,030,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012-11-27 15:27:48 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012-11-27 14:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012-11-27 13:58:41 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Theta
[2012-11-27 13:10:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-27 12:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-11-27 12:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-11-26 01:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
[2012-11-26 00:21:32 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-11-26 00:20:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012-11-25 22:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution
[2012-11-25 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Desktop\notatki fizyka
[2012-11-24 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Windows
[2012-11-23 00:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-23 00:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-22 17:42:35 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed III
[2012-11-22 17:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012-11-22 01:33:09 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\msdata
[2012-11-21 22:52:16 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\Drivers
[2012-11-21 11:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\HeroBlade Logs
[2012-11-16 21:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-11-16 21:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-08 00:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader
[2012-11-08 00:06:08 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Programs
[2012-11-08 00:00:52 | 000,000,000 | ---D | C] -- C:\ASUS WebStorage
[2012-11-07 23:59:45 | 000,000,000 | ---D | C] -- C:\AVG Secure Search
[2012-11-07 23:59:42 | 000,000,000 | ---D | C] -- C:\Urządzenia Bluetooth
[2012-11-07 23:59:36 | 000,000,000 | ---D | C] -- C:\Atheros
[2012-11-07 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-07 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012-11-07 23:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-07 23:27:52 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012-11-07 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-29 01:36:42 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-29 01:36:40 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-11-29 01:35:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-29 01:35:23 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-29 00:40:21 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-11-29 00:34:12 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-29 00:34:12 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-29 00:27:29 | 000,000,324 | ---- | M] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-29 00:06:19 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-28 23:42:15 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-28 23:33:15 | 000,001,013 | ---- | M] () -- C:\Users\Łuczewski\Desktop\SpeedFan.lnk
[2012-11-28 23:33:14 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-28 21:22:07 | 000,202,240 | RHS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
[2012-11-28 21:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-11-27 15:46:08 | 000,434,688 | -HS- | M] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
[2012-11-27 12:54:15 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-23 00:39:57 | 000,002,301 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-21 12:00:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-11-21 12:00:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-09 14:55:31 | 001,694,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-09 14:55:31 | 000,749,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-09 14:55:31 | 000,664,012 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-09 14:55:31 | 000,158,582 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-09 14:55:31 | 000,125,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012-11-07 23:28:05 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-29 00:40:21 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-11-29 00:27:28 | 000,000,324 | ---- | C] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-28 23:33:15 | 000,001,013 | ---- | C] () -- C:\Users\Łuczewski\Desktop\SpeedFan.lnk
[2012-11-28 23:33:14 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-28 21:22:09 | 000,202,240 | RHS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
[2012-11-27 15:46:08 | 000,434,688 | -HS- | C] () -- C:\Users\Łuczewski\AppData\Roaming\svccost.exe
[2012-11-27 12:54:15 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-23 00:39:57 | 000,002,301 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-07 23:28:05 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | C] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-27 16:52:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-11 17:06:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-06-21 16:58:37 | 000,000,380 | ---- | C] () -- C:\Users\Łuczewski\AppData\Roaming\sp_data.sys
[2012-06-21 15:24:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-21 15:24:40 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-03-13 10:08:55 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-03-13 10:08:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-03-13 10:08:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-13 10:08:45 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-10-20 00:00:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011-10-19 23:42:45 | 001,719,502 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012-11-28 22:51:22 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012-11-28 22:51:22 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
[/log]
extras [log]OTL Extras logfile created on: 2012-11-29 01:38:24 - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,77 Gb Available Physical Memory | 73,20% Memory free
15,78 Gb Paging File | 13,43 Gb Available in Paging File | 85,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 117,13 Gb Free Space | 41,91% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 197,84 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4658A443-B269-424B-A356-C1645BAE7C8A}" = protocol=58 | dir=in | app=system |
"{CBD0C085-31CD-4948-ADFF-E5A31F9BC475}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"TCP Query User{35356CCB-8939-4044-B4EA-A73059D53BE1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{2AB85C3D-239F-4760-9D5F-2A934007FD3D}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E5CBD3-73E3-410D-890D-D3F48B2653A6}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}" = Windows Live Family Safety
"{0F872589-F781-4EAF-9CBC-BF6A9809F17D}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19E42E62-8C05-42DE-9DC4-C606F9F8927B}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E8F990F-A140-47D4-B266-402E9CF96FC3}" = Windows Live Family Safety
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}" = Windows Live Family Safety
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B96C4CA9-FA40-490C-B3BB-50F84A44694E}" = Windows Live Family Safety
"{BCA3DCDA-170A-44DB-A888-78105ABACF43}" = Windows Live Family Safety
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8F30372-43E3-4720-ABDE-11C95E562B71}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 10.5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{938CFBD4-0652-49E5-BB8B-153948865941}" = ASUS Virtual Touch
"{95030349-3623-4920-89BF-8BEC5EF311C5}_is1" = Hitman Absolution
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed ® III
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALL YouTube Downloader_is1" = ALL YouTube Downloader
"ALLPlayer_is1" = ALLPlayer V5.X
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUSscr_K_NoSound" = ASUSscr_K_NoSound
"AVG Secure Search" = AVG Security Toolbar
"ESET Online Scanner" = ESET Online Scanner v3
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"LiveVDO plugin" = LiveVDO plugin 1.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl)
"Mozilla Thunderbird 14.0 (x86 pl)" = Mozilla Thunderbird 14.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"Origin" = Origin
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"StartNow Toolbar" = StartNow Toolbar
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-28 06:05:01 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7020

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8034

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8034

Error - 2012-11-28 16:50:40 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 17:44:41 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 18:01:29 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 19:01:57 | Computer Name = Łuczewskipc | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Łuczewski\Downloads\esetsmartinstaller_plk.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 2012-11-28 19:02:00 | Computer Name = Łuczewskipc | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Łuczewski\Downloads\esetsmartinstaller_plk.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 2012-11-28 20:45:39 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


[ System Events ]
Error - 2012-11-26 06:31:27 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-26 06:34:17 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-26 06:34:17 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-26 06:34:23 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy
aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-26 06:34:23 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-26 06:35:02 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-26 06:35:02 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-26 06:37:09 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-26 06:37:09 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-26 06:37:15 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy
aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%5


< End of report >
[/log]

Gość
komentarz
komentarz (edytowane)

Wciąż siedzą 2 takie dziady:
[code]
C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
C:\Users\Łuczewski\AppData\Roaming\svccost.exe
[/code]

1.Uruchom BlitzBlank i w karcie [b]script [/b]wklej:

[code]

DeleteFile:
C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe
C:\Users\Łuczewski\AppData\Roaming\svccost.exe
C:\Users\Łuczewski\Documents\Windows\winworker.exe
[/code]

Kliknij executeNOW

2.Podaj nowy log z OTL po usuwaniu blitzblankiem

Janek92brum
komentarz
komentarz (edytowane)

log z otl [log]OTL logfile created on: 2012-11-29 21:07:06 - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 6,07 Gb Available Physical Memory | 76,97% Memory free
15,78 Gb Paging File | 13,81 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 116,45 Gb Free Space | 41,67% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 197,84 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
PRC - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-11-14 03:11:00 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-09-29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
PRC - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
PRC - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 02:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
PRC - [2011-10-19 23:59:44 | 003,331,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe
PRC - [2011-10-03 19:46:00 | 000,760,448 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
PRC - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-14 03:10:59 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
MOD - [2012-11-14 03:10:57 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
MOD - [2012-11-14 03:10:12 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libglesv2.dll
MOD - [2012-11-14 03:10:11 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\libegl.dll
MOD - [2012-11-14 03:10:04 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avutil-51.dll
MOD - [2012-11-14 03:10:03 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avformat-54.dll
MOD - [2012-11-14 03:10:02 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\avcodec-54.dll
MOD - [2012-05-30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:[b]64bit:[/b] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:[b]64bit:[/b] - [2011-03-04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-09-17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-21 12:00:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-16 21:09:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-08 22:20:30 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 08:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011-12-29 23:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:[b]64bit:[/b] - [2012-10-02 23:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-05-31 05:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 08:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 03:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-19 19:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-01-11 05:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-28 08:15:50 | 000,292,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-23 04:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-12-21 22:15:56 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-11-08 03:48:28 | 000,016,512 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:[b]64bit:[/b] - [2010-09-17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://isearch.avg.com/?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=11.1.0.7&sap=hp
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=PL&install_date=20120711&user_guid=AFCCE6B745DF4E30BBBF417FDD48D994&machine_id=ec080796f5004ab7455755a0b4f5c227&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=5a3624fa-ff6c-11e1-ac98-0008caf29752&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{98DB4022-589B-40F9-B822-84C3AD18B2CD}: "URL" = https://isearch.avg.com/search?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {862FF4F2-E810-11E0-8FEF-D73D4824019B}:1.1.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011-10-20 00:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012-11-08 22:20:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-11-07 23:29:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-16 21:09:31 | 000,000,000 | ---D | M]

[2012-06-21 21:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Extensions
[2012-11-27 13:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions
[2012-08-30 10:29:32 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012-11-15 15:38:29 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-11-08 00:06:48 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org
[2012-11-08 00:07:04 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-06-22 17:10:04 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-10-28 12:28:23 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-11-27 13:08:15 | 000,185,911 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-06-07 20:16:04 | 000,000,935 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\conduit.xml
[2012-09-15 20:34:56 | 000,000,792 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\startsear.xml
[2012-07-11 17:06:27 | 000,001,390 | ---- | M] () -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\searchplugins\yahoo-zugo.xml
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.XPI
[2012-11-16 21:09:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-10-27 14:45:50 | 000,083,456 | ---- | M] (LiveVDO ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012-06-15 00:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-11-08 22:20:31 | 000,003,574 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-06-15 00:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 00:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 00:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 00:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 00:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Angry Birds = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: From Dust = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: Pogoda (rozszerzenie) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\
CHR - Extension: Lot = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijifgbfkfcalmnndkdaoefpdbkpolij\2.0.0_0\
CHR - Extension: Another Update = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bipiocmkdofpgpdebagkjpgcpbjmbgkn\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adventure Time with Finn and Jake = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocngmpdkbemndadokjpgkhhjihadopd\1.7_0\
CHR - Extension: Kingdom Rush = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.0.7.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Cut the Rope = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: Go Home Dinosaurs (Beta) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icefnknicgejiphafapflechfoeelbeo\1.0.0.8_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: uTorrentControl2 = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.17.1_0\
CHR - Extension: LiveVDO plugin = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\
CHR - Extension: Gmail = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:[b]64bit:[/b] - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [HostServices] "C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe" File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] "C:\Users\Łuczewski\AppData\Roaming\svccost.exe" File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsDefender] C:\Users\Łuczewski\Documents\Windows\firewall.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsWorker] C:\Users\Łuczewski\Documents\Windows\winworker.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDAE1432-797B-4373-8C50-8015FD4769B8}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-30 00:28:45 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-29 21:05:47 | 000,000,000 | R--D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-11-29 00:40:30 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Malwarebytes
[2012-11-29 00:40:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-11-29 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-11-29 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-11-29 00:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-11-29 00:29:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-11-29 00:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012-11-28 23:33:15 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-28 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-28 23:33:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012-11-28 22:50:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012-11-28 00:16:29 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-11-28 00:16:29 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-11-28 00:16:29 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-11-28 00:16:29 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-11-28 00:16:29 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-11-28 00:16:29 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012-11-28 00:16:29 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-11-28 00:16:29 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-11-28 00:16:29 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-11-28 00:16:29 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012-11-28 00:16:29 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012-11-28 00:16:29 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-11-28 00:16:29 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-11-28 00:16:29 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-11-28 00:16:29 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-11-28 00:16:29 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012-11-28 00:16:29 | 000,030,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012-11-27 15:27:48 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012-11-27 14:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012-11-27 13:58:41 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Theta
[2012-11-27 13:10:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-27 12:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-11-27 12:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-11-26 01:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
[2012-11-26 00:21:32 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-11-26 00:20:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012-11-25 22:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution
[2012-11-25 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Desktop\notatki fizyka
[2012-11-24 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Windows
[2012-11-23 00:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-23 00:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-22 17:42:35 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed III
[2012-11-22 17:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012-11-22 01:33:09 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\msdata
[2012-11-21 22:52:16 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\Drivers
[2012-11-21 11:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\HeroBlade Logs
[2012-11-16 21:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-11-16 21:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-08 00:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader
[2012-11-08 00:06:08 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Programs
[2012-11-08 00:00:52 | 000,000,000 | ---D | C] -- C:\ASUS WebStorage
[2012-11-07 23:59:45 | 000,000,000 | ---D | C] -- C:\AVG Secure Search
[2012-11-07 23:59:42 | 000,000,000 | ---D | C] -- C:\Urządzenia Bluetooth
[2012-11-07 23:59:36 | 000,000,000 | ---D | C] -- C:\Atheros
[2012-11-07 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-07 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012-11-07 23:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-07 23:27:52 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012-11-07 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-29 21:06:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-29 21:05:56 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-29 21:05:56 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-11-29 21:05:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-29 21:05:24 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-29 21:04:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-29 21:04:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-29 17:42:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-29 00:40:21 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-11-29 00:27:29 | 000,000,324 | ---- | M] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-28 23:33:15 | 000,001,013 | ---- | M] () -- C:\Users\Łuczewski\Desktop\SpeedFan.lnk
[2012-11-28 23:33:14 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-28 21:07:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-11-27 12:54:15 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-23 00:39:57 | 000,002,301 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-21 12:00:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-11-21 12:00:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-09 14:55:31 | 001,694,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-09 14:55:31 | 000,749,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-09 14:55:31 | 000,664,012 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-09 14:55:31 | 000,158,582 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-09 14:55:31 | 000,125,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-08 22:20:30 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012-11-07 23:28:05 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-29 00:40:21 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-11-29 00:27:28 | 000,000,324 | ---- | C] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-28 23:33:15 | 000,001,013 | ---- | C] () -- C:\Users\Łuczewski\Desktop\SpeedFan.lnk
[2012-11-28 23:33:14 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-27 12:54:15 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-23 00:39:57 | 000,002,301 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-07 23:28:05 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | C] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-27 16:52:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-11 17:06:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-06-21 16:58:37 | 000,000,380 | ---- | C] () -- C:\Users\Łuczewski\AppData\Roaming\sp_data.sys
[2012-06-21 15:24:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-21 15:24:40 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-03-13 10:08:55 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-03-13 10:08:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-03-13 10:08:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-13 10:08:45 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-10-20 00:00:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011-10-19 23:42:45 | 001,719,502 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012-11-28 22:51:22 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012-11-28 22:51:22 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
[/log]
extras [log]OTL Extras logfile created on: 2012-11-29 21:07:06 - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 6,07 Gb Available Physical Memory | 76,97% Memory free
15,78 Gb Paging File | 13,81 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 116,45 Gb Free Space | 41,67% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 197,84 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B00D6A02-C04F-4BAC-A046-A4F3779E57A2}" = protocol=58 | dir=in | app=system |
"{FFDB936B-8A0C-4814-8A8B-42042DB493A9}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"TCP Query User{35356CCB-8939-4044-B4EA-A73059D53BE1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{2AB85C3D-239F-4760-9D5F-2A934007FD3D}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E5CBD3-73E3-410D-890D-D3F48B2653A6}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E7EF678-587B-43E9-B13C-9F4B52ACFFCA}" = Windows Live Family Safety
"{0F872589-F781-4EAF-9CBC-BF6A9809F17D}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19E42E62-8C05-42DE-9DC4-C606F9F8927B}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E8F990F-A140-47D4-B266-402E9CF96FC3}" = Windows Live Family Safety
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}" = Windows Live Family Safety
"{5708148D-3A0E-4587-8311-DFCFA33F4D92}" = Windows Live Family Safety
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7D8BBAF2-E7C6-4BB6-9E35-31340373F699}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A2D54577-154D-4D8B-9ECF-D7D4553ECE63}" = Windows Live Family Safety
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B96C4CA9-FA40-490C-B3BB-50F84A44694E}" = Windows Live Family Safety
"{BCA3DCDA-170A-44DB-A888-78105ABACF43}" = Windows Live Family Safety
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8F30372-43E3-4720-ABDE-11C95E562B71}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 10.5.9.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}" = Dream Vacation Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115065740}" = Bubbletown
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}" = Go Go Gourmet Chef of the Year
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}" = Turbo Fiesta
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}" = World of Goo
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}" = Plants vs Zombies
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117948443}" = Mahjong Memoirs
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}" = Deadtime Stories
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}" = Farm Frenzy 3 - Madagascar
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3
"{938CFBD4-0652-49E5-BB8B-153948865941}" = ASUS Virtual Touch
"{95030349-3623-4920-89BF-8BEC5EF311C5}_is1" = Hitman Absolution
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed ® III
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Obsługa programów Apple
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1" = ALLMediaServer
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALL YouTube Downloader_is1" = ALL YouTube Downloader
"ALLPlayer_is1" = ALLPlayer V5.X
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUSscr_K_NoSound" = ASUSscr_K_NoSound
"AVG Secure Search" = AVG Security Toolbar
"ESET Online Scanner" = ESET Online Scanner v3
"Game Park Console" = Game Park Console
"Google Chrome" = Google Chrome
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"LiveVDO plugin" = LiveVDO plugin 1.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl)
"Mozilla Thunderbird 14.0 (x86 pl)" = Mozilla Thunderbird 14.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151)
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"Origin" = Origin
"PeerGuardian_is1" = PeerGuardian 2.0
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"StartNow Toolbar" = StartNow Toolbar
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"YouTube to ALLPlayer_is1" = YouTube to ALLPlayer

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8034

Error - 2012-11-28 06:05:02 | Computer Name = Łuczewskipc | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8034

Error - 2012-11-28 16:50:40 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 17:44:41 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 18:01:29 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-28 19:01:57 | Computer Name = Łuczewskipc | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Łuczewski\Downloads\esetsmartinstaller_plk.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 2012-11-28 19:02:00 | Computer Name = Łuczewskipc | Source = SideBySide | ID = 16842832
Description = Nie można wygenerować kontekstu aktywacji dla „C:\Users\Łuczewski\Downloads\esetsmartinstaller_plk.exe”.
Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana
przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna.
Składniki
powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Składnik
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 2012-11-28 20:45:39 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 2012-11-29 10:48:07 | Computer Name = Łuczewskipc | Source = CVHSVC | ID = 100
Description = Tylko informacje. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


[ System Events ]
Error - 2012-11-26 06:43:18 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-26 06:43:18 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-27 06:44:38 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-27 06:44:38 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-27 06:44:39 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Moduły obsługi kluczy IPsec IKE i AuthIP zależy od usługi Podstawowy
aparat filtrowania, której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-27 06:44:39 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Agent zasad IPsec zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5

Error - 2012-11-27 06:45:08 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Publikacja zasobów odnajdowania funkcji zakończyła działanie;
wystąpił następujący błąd: %%-2147024891

Error - 2012-11-27 06:45:08 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Dostawca grupy domowej zależy od usługi Publikacja zasobów
odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%-2147024891

Error - 2012-11-27 08:06:32 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7023
Description = Usługa Podstawowy aparat filtrowania zakończyła działanie; wystąpił
następujący błąd: %%5

Error - 2012-11-27 08:06:32 | Computer Name = Łuczewskipc | Source = Service Control Manager | ID = 7001
Description = Usługa Zapora systemu Windows zależy od usługi Podstawowy aparat filtrowania,
której nie można uruchomić z powodu następującego błędu: %%5


< End of report >
[/log]

Gość
komentarz
komentarz

Log wygląda dobrze :)


Odinstaluj:

Trend Micro Titanium Internet Security
Trend Micro Titanium Internet Security
Pando Media Booster
AVG Security Toolbar
LiveVDO plugin 1.3(jeżeli nie używasz)
StartNow Toolbar
uTorrentControl2 Toolbar

1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b]


Wklej

[code]

:OTL
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/...q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow...eferrer:source}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/...q={searchTerms}
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q="
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [HostServices] "C:\Users\Łuczewski\AppData\Roaming\HostServices6.exe" File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [MicrosoftProtection] "C:\Users\Łuczewski\AppData\Roaming\svccost.exe" File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsDefender] C:\Users\Łuczewski\Documents\Windows\firewall.exe File not found
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [WindowsWorker] C:\Users\Łuczewski\Documents\Windows\winworker.exe File not found
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup.exe -- [2011-01-10 22:14:21 | 001,103,232 | R--- | M] (THQ Inc.)

:Files
C:\Windows\SysWow64\%APPDATA%

:Commands
[emptytemp]
[/code]

Kliknij [b]Wykonaj skrypt[/b]


2.Użyj adwcleaner-a

http://general-changelog-team.fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

Opcja delete

3.W przeglądarce jakiej używasz dorzuć sobie adblocka .noscript WOT(web of trust)(zawsze bezpieczniej :D)

4.Zainstaluj antywirusa (AVAST/AVG/AVIRA/KINGSOFT ANTIVIRUS)

5.Podaj nowy log z OTL

Janek92brum
komentarz
komentarz (edytowane)

skrypt [log]All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ not found.
Registry key HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=" removed from keyword.URL
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\HostServices deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\MicrosoftProtection deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsDefender deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWorker deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41a1d28e-80ce-11e1-ad88-806e6f6e6963}\ not found.
File move failed. F:\Setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File move failed. F:\Setup.exe scheduled to be moved on reboot.
========== FILES ==========
C:\Windows\SysWow64\%APPDATA%\Microsoft\Windows\IETldCache folder moved successfully.
C:\Windows\SysWow64\%APPDATA%\Microsoft\Windows folder moved successfully.
C:\Windows\SysWow64\%APPDATA%\Microsoft folder moved successfully.
C:\Windows\SysWow64\%APPDATA% folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gość
->Temp folder emptied: 1261177 bytes
->Temporary Internet Files folder emptied: 855304 bytes
->FireFox cache emptied: 802310613 bytes
->Flash cache emptied: 2001 bytes

User: hedev
->Temp folder emptied: 43164427 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Łuczewski
->Temp folder emptied: 5303645 bytes
->Temporary Internet Files folder emptied: 4847538 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 66595486 bytes
->Google Chrome cache emptied: 352503451 bytes
->Flash cache emptied: 761 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 50878813 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67965 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 266,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11302012_202548

Files\Folders moved on Reboot...
File move failed. F:\Setup.exe scheduled to be moved on reboot.
File\Folder C:\Users\Łuczewski\AppData\Local\Temp\etilqs_kWzToHuUuSCPipQ not found!
File\Folder C:\Users\Łuczewski\AppData\Local\Temp\etilqs_Tqe3dggXq5q6Dgr not found!
File\Folder C:\Users\Łuczewski\AppData\Local\Temp\etilqs_w4Vkv3dGaAMMUm5 not found!
File\Folder C:\Users\Łuczewski\AppData\Local\Temp\F.tmp not found!
C:\Users\Łuczewski\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
C:\Windows\temp\Low\MSI\SkypeToolbars.msi moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
[/log]
i log z otl [log]OTL logfile created on: 2012-11-30 21:20:08 - Run 7
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Łuczewski\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,89 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 72,01% Memory free
15,78 Gb Paging File | 13,19 Gb Available in Paging File | 83,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,46 Gb Total Space | 114,72 Gb Free Space | 41,05% Space Free | Partition Type: NTFS
Drive D: | 394,45 Gb Total Space | 197,84 Gb Free Space | 50,16% Space Free | Partition Type: NTFS
Drive F: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LUCZEWSKIPC | User Name: Łuczewski | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-11-28 04:43:18 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-11-25 23:32:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Łuczewski\Downloads\OTL.exe
PRC - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-09-29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-08-20 08:39:39 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
PRC - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
PRC - [2012-05-31 05:10:58 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012-02-17 02:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012-02-07 05:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-01-30 22:32:16 | 001,120,936 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011-12-21 22:15:54 | 000,017,872 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
PRC - [2011-10-03 19:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-11-28 04:43:17 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
MOD - [2012-11-28 04:43:16 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
MOD - [2012-11-28 04:43:15 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012-11-28 04:42:30 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012-11-28 04:42:29 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012-11-28 04:42:22 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012-11-28 04:42:21 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012-11-28 04:42:21 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012-10-25 15:27:10 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-10-25 15:27:04 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-10-25 15:27:04 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012-10-25 15:27:04 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-10-25 15:27:04 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-05-30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-05-30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012-03-04 21:22:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2012-02-03 06:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:[b]64bit:[/b] - [2011-08-05 11:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:[b]64bit:[/b] - [2011-03-04 00:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-11-21 12:45:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-11-21 12:00:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-11-16 21:09:32 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-10-25 15:27:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-10-02 23:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe -- (BBUpdate)
SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe -- (BBSvc)
SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-29 02:19:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-29 02:19:02 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-22 08:18:24 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012-02-21 20:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012-02-21 20:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012-02-17 02:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-12-29 23:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011-12-29 23:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011-10-01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2012-10-02 23:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012-08-21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012-05-31 05:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-22 08:18:14 | 014,692,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012-02-20 03:31:14 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2012-02-19 19:16:24 | 000,200,488 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-02-07 05:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:[b]64bit:[/b] - [2012-01-11 05:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:[b]64bit:[/b] - [2011-12-29 23:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:[b]64bit:[/b] - [2011-12-29 23:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:[b]64bit:[/b] - [2011-12-29 23:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:[b]64bit:[/b] - [2011-12-28 08:15:50 | 000,292,456 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:[b]64bit:[/b] - [2011-12-23 04:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-12-21 22:15:56 | 000,035,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVBus.sys -- (AsusVBus)
DRV:[b]64bit:[/b] - [2011-11-10 09:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2011-11-08 03:48:28 | 000,016,512 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AsusVTouch.sys -- (AsusVTouch)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-10-19 22:29:28 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-08-23 14:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-05-13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2009-07-20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012-01-30 22:32:16 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\..\SearchScopes\{98DB4022-589B-40F9-B822-84C3AD18B2CD}: "URL" = https://isearch.avg.com/search?cid={A1A0D741-F95E-4366-975C-0F465255D7C7}&mid=47b82f78edb747d08ba8d1418c167ea1-0ca0a9d2bcb5de30c7a27724695071785933c27a&lang=pl&ds=st011&pr=sa&d=2012-06-21 16:26:30&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: {687578b9-7132-4a7a-80e4-30ee31099e03}:3.16.0.3
FF - prefs.js..extensions.enabledAddons: {862FF4F2-E810-11E0-8FEF-D73D4824019B}:1.1.2
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30 20:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-30 20:36:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-11-07 23:29:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-11-16 21:09:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-11-30 20:36:20 | 000,000,000 | ---D | M]

[2012-06-21 21:17:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Extensions
[2012-11-30 20:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions
[2012-11-08 00:06:48 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org
[2012-11-08 00:07:04 | 000,000,000 | ---D | M] (ALLYouTubeDownloader) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\Firefox\Profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org
[2012-06-22 17:10:04 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\IplextoALL@ALLPlayer.org.xpi
[2012-10-28 12:28:23 | 000,013,713 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\YouTubetoALL@ALLPlayer.org.xpi
[2012-11-27 13:08:15 | 000,185,911 | ---- | M] () (No name found) -- C:\Users\Łuczewski\AppData\Roaming\mozilla\firefox\profiles\30pqe91f.default\extensions\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.xpi
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-11-16 21:09:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{687578B9-7132-4A7A-80E4-30EE31099E03}
File not found (No name found) -- C:\USERS\ŁUCZEWSKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\30PQE91F.DEFAULT\EXTENSIONS\{862FF4F2-E810-11E0-8FEF-D73D4824019B}.XPI
[2012-11-16 21:09:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-06-15 00:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-15 00:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 00:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 00:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 00:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 00:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - Extension: Angry Birds = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: From Dust = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj\0.0.0.23_0\
CHR - Extension: Pogoda (rozszerzenie) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.7_0\
CHR - Extension: WOT = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.12_0\
CHR - Extension: Lot = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijifgbfkfcalmnndkdaoefpdbkpolij\2.0.0_0\
CHR - Extension: Another Update = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bipiocmkdofpgpdebagkjpgcpbjmbgkn\1.1.2_0\
CHR - Extension: YouTube = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adventure Time with Finn and Jake = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocngmpdkbemndadokjpgkhhjihadopd\1.7_0\
CHR - Extension: Kingdom Rush = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim\1.0.7.3_0\
CHR - Extension: Szukaj w Google = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Cut the Rope = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: Go Home Dinosaurs (Beta) = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icefnknicgejiphafapflechfoeelbeo\1.0.0.8_0\
CHR - Extension: avast! WebRep = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\Łuczewski\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLYOU~1\ALLYOU~1.DLL (ALLCinema Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:[b]64bit:[/b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:[b]64bit:[/b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [GoogleChromeAutoLaunch_14468DE656B7E0BCF56707E1A1C80FF0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2425613530-3582171222-2280058672-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDAE1432-797B-4373-8C50-8015FD4769B8}: DhcpNameServer = 217.172.224.160 89.231.1.206
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-11-30 00:28:45 | 000,000,044 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-11-30 21:06:51 | 000,000,000 | R--D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012-11-30 20:49:58 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012-11-30 20:49:58 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012-11-30 20:49:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012-11-30 20:49:56 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012-11-30 20:49:56 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012-11-30 20:49:54 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012-11-30 20:49:48 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012-11-30 20:49:48 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012-11-30 20:49:06 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012-11-30 20:49:06 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012-11-30 20:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012-11-30 20:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-11-29 00:40:30 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Malwarebytes
[2012-11-29 00:40:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-11-29 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-11-29 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-11-29 00:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-11-29 00:29:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-11-29 00:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012-11-28 23:33:15 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-28 23:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012-11-28 23:33:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2012-11-28 22:50:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2012-11-28 00:16:29 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012-11-28 00:16:29 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012-11-28 00:16:29 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012-11-28 00:16:29 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012-11-28 00:16:29 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012-11-28 00:16:29 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012-11-28 00:16:29 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012-11-28 00:16:29 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012-11-28 00:16:29 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012-11-28 00:16:29 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012-11-28 00:16:29 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012-11-28 00:16:29 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012-11-28 00:16:29 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012-11-28 00:16:29 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012-11-28 00:16:29 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012-11-28 00:16:29 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012-11-28 00:16:29 | 000,030,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012-11-27 14:38:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012-11-27 13:58:41 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Roaming\Theta
[2012-11-27 13:10:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-11-27 12:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012-11-27 12:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-11-26 01:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Absolution
[2012-11-26 00:21:32 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012-11-26 00:20:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2012-11-25 23:48:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012-11-25 22:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Absolution
[2012-11-25 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Desktop\notatki fizyka
[2012-11-24 18:21:29 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Windows
[2012-11-23 00:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012-11-23 00:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012-11-22 17:42:35 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\Assassin's Creed III
[2012-11-22 17:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2012-11-22 01:33:09 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\msdata
[2012-11-21 22:52:16 | 000,000,000 | -HSD | C] -- C:\Users\Łuczewski\Drivers
[2012-11-21 11:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-11-17 14:13:06 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\Documents\HeroBlade Logs
[2012-11-16 21:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012-11-16 21:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012-11-08 00:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLYouTubeDownloader
[2012-11-08 00:06:08 | 000,000,000 | ---D | C] -- C:\Users\Łuczewski\AppData\Local\Programs
[2012-11-08 00:00:52 | 000,000,000 | ---D | C] -- C:\ASUS WebStorage
[2012-11-07 23:59:45 | 000,000,000 | ---D | C] -- C:\AVG Secure Search
[2012-11-07 23:59:42 | 000,000,000 | ---D | C] -- C:\Urządzenia Bluetooth
[2012-11-07 23:59:36 | 000,000,000 | ---D | C] -- C:\Atheros
[2012-11-07 23:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012-11-07 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012-11-07 23:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012-11-07 23:27:52 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012-11-07 23:27:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012-11-07 23:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-11-30 21:13:35 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-11-30 21:13:35 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-11-30 21:06:25 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-11-30 21:06:05 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-30 21:06:00 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012-11-30 21:05:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-11-30 21:05:42 | 2057,707,519 | -HS- | M] () -- C:\hiberfil.sys
[2012-11-30 20:49:58 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-11-30 20:49:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012-11-30 20:42:52 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-30 12:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012-11-29 00:40:21 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-11-29 00:27:29 | 000,000,324 | ---- | M] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-28 23:33:15 | 000,001,013 | ---- | M] () -- C:\Users\Łuczewski\Desktop\SpeedFan.lnk
[2012-11-28 23:33:14 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-27 12:54:15 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-23 00:39:57 | 000,002,301 | ---- | M] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-21 12:45:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-11-21 12:00:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-11-21 12:00:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-11-09 14:55:31 | 001,694,898 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-11-09 14:55:31 | 000,749,844 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-11-09 14:55:31 | 000,664,012 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-11-09 14:55:31 | 000,158,582 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-11-09 14:55:31 | 000,125,026 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-11-07 23:28:05 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | M] () -- C:\Users\Łuczewski\Desktop\ekipa.contact

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-11-30 20:49:58 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012-11-30 20:49:48 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012-11-29 00:40:21 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-11-29 00:27:28 | 000,000,324 | ---- | C] () -- C:\Users\Łuczewski\Desktop\FIX.BAT
[2012-11-28 23:33:15 | 000,001,013 | ---- | C] () -- C:\Users\Łuczewski\Desktop\SpeedFan.lnk
[2012-11-28 23:33:14 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2012-11-27 12:54:15 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-11-23 00:39:57 | 000,002,301 | ---- | C] () -- C:\Users\Łuczewski\Desktop\Google Chrome.lnk
[2012-11-23 00:37:25 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-11-23 00:37:24 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-11-07 23:28:05 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012-11-03 21:04:08 | 000,000,865 | ---- | C] () -- C:\Users\Łuczewski\Desktop\ekipa.contact
[2012-10-27 16:52:30 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-07-11 17:06:17 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-06-21 16:58:37 | 000,000,380 | ---- | C] () -- C:\Users\Łuczewski\AppData\Roaming\sp_data.sys
[2012-06-21 15:24:40 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-06-21 15:24:40 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2012-06-19 13:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012-03-13 10:08:55 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012-03-13 10:08:49 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012-03-13 10:08:47 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012-03-13 10:08:45 | 013,020,160 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012-02-03 06:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011-10-20 00:00:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011-10-19 23:42:45 | 001,719,502 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-09-28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012-11-28 22:51:22 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012-11-28 22:51:22 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
[/log]

Gość
komentarz
komentarz

1.uruchom ponownie services repair.
2.Podaj ponownie nowy log z FSS tak jak wcześniej
3.Wykonaj pełne skanowanie avastem jakby znalazł te dwa pliki:

[color=#282828][font=helvetica, arial, sans-serif]C:\Windows\assembly\GAC_32\Desktop.ini[/font][/color]
[color=#282828][font=helvetica, arial, sans-serif]C:\Windows\assembly\GAC_64\Desktop.ini[/font][/color]

to je usuń

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.