x-kom hosting

Proszę o sprawdzenie logów Windows 7

pawel78963
utworzono
utworzono

Kolega poprosił mnie o usunięcie wirusów, ale ja się zbytnio na tym nie znam więc kieruję się tutaj :)
Logi:
OTL
[log]OTL logfile created on: 12/23/2012 1:52:30 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1.91 Gb Total Physical Memory | 0.77 Gb Available Physical Memory | 40.13% Memory free
3.83 Gb Paging File | 2.32 Gb Available in Paging File | 60.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50.00 Gb Total Space | 5.86 Gb Free Space | 11.73% Space Free | Partition Type: NTFS
Drive D: | 395.13 Gb Total Space | 349.24 Gb Free Space | 88.39% Space Free | Partition Type: NTFS
Drive F: | 33.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SKLEP-FUJITSU | User Name: sklep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
PRC - [2012/12/23 13:04:38 | 000,115,032 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Users\sklep\AppData\Local\Temp\3582-490\SweetIM.exe
PRC - [2012/12/23 13:04:18 | 000,246,112 | ---- | M] () -- C:\ProgramData\OnlineUpdate\ouc.exe
PRC - [2012/12/23 13:00:04 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe
PRC - [2011/10/12 00:33:24 | 000,462,576 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe
PRC - [2011/10/11 23:58:31 | 000,622,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
PRC - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009/08/13 14:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
MOD - [2012/12/23 13:04:38 | 000,115,032 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Users\sklep\AppData\Local\Temp\3582-490\SweetIM.exe
MOD - [2012/12/23 13:00:04 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe
MOD - [2012/10/09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2012/10/08 09:28:33 | 012,320,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2012/10/08 09:02:17 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2012/10/08 08:56:24 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
MOD - [2012/10/08 08:48:51 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2012/10/08 08:48:03 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2012/10/08 08:41:28 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2012/10/04 16:35:08 | 000,074,072 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll
MOD - [2012/10/04 16:35:06 | 000,299,352 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll
MOD - [2012/10/04 16:35:04 | 000,098,648 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll
MOD - [2012/10/04 16:34:52 | 000,168,280 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll
MOD - [2012/10/04 16:34:48 | 000,065,880 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll
MOD - [2012/10/04 16:34:48 | 000,036,696 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll
MOD - [2012/10/04 16:34:46 | 000,516,440 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll
MOD - [2012/10/04 16:34:38 | 000,026,968 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2012/08/24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2012/08/20 18:38:44 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll
MOD - [2012/08/20 18:37:18 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2012/08/20 18:37:18 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2012/06/26 11:49:23 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll
MOD - [2012/06/26 11:49:23 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll
MOD - [2012/06/26 11:49:23 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll
MOD - [2012/06/26 11:49:23 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll
MOD - [2012/06/26 11:49:23 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,808,960 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,739,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallAppPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallLogSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll
MOD - [2012/06/26 11:49:23 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,428,032 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\core.dll
MOD - [2012/06/26 11:49:23 | 000,427,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,384,512 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,381,952 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Proxy.dll
MOD - [2012/06/26 11:49:23 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll
MOD - [2012/06/26 11:49:23 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll
MOD - [2012/06/26 11:49:23 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,334,848 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll
MOD - [2012/06/26 11:49:23 | 000,333,312 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,310,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,301,056 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,269,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.dll
MOD - [2012/06/26 11:49:23 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\sdk.dll
MOD - [2012/06/26 11:49:23 | 000,249,344 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,240,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,238,080 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll
MOD - [2012/06/26 11:49:23 | 000,235,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Common.dll
MOD - [2012/06/26 11:49:23 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,217,088 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\PLAY ONLINE\mcciwin32.dll
MOD - [2012/06/26 11:49:23 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll
MOD - [2012/06/26 11:49:23 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll
MOD - [2012/06/26 11:49:23 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XCodec.dll
MOD - [2012/06/26 11:49:23 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll
MOD - [2012/06/26 11:49:23 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Trace.dll
MOD - [2012/06/26 11:49:23 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll
MOD - [2012/06/26 11:49:23 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll
MOD - [2012/06/26 11:49:23 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll
MOD - [2012/06/26 11:49:23 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll
MOD - [2012/06/26 11:49:23 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll
MOD - [2012/06/26 11:49:23 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll
MOD - [2012/06/26 11:49:23 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll
MOD - [2012/06/26 11:49:23 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll
MOD - [2012/06/26 11:49:23 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll
MOD - [2012/06/26 11:49:23 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll
MOD - [2012/06/26 11:49:23 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSCall.dll
MOD - [2012/06/26 11:49:23 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll
MOD - [2012/06/26 11:49:23 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll
MOD - [2012/06/23 09:06:30 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2012/06/23 09:06:30 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2012/06/02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2012/06/02 05:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2012/06/02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2012/06/02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2012/06/02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2012/05/05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2012/04/07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2012/03/03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2012/03/01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2012/01/13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2011/12/16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2011/11/17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011/11/17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011/10/12 00:33:29 | 000,832,752 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libpserverplugin.dll
MOD - [2011/10/12 00:33:28 | 005,594,864 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll
MOD - [2011/10/12 00:33:24 | 000,462,576 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe
MOD - [2011/10/11 23:58:40 | 000,374,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\LiveUpdate.dll
MOD - [2011/10/11 23:58:39 | 000,537,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\BackendService.dll
MOD - [2011/10/11 23:58:39 | 000,315,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\DownloadManager.dll
MOD - [2011/10/11 23:58:39 | 000,112,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\SystemMonitor.dll
MOD - [2011/10/11 23:58:39 | 000,105,224 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\DeviceProfileService.dll
MOD - [2011/10/11 23:58:38 | 000,323,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\Provisioning.dll
MOD - [2011/10/11 23:58:38 | 000,304,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\PersistenceAPI.dll
MOD - [2011/10/11 23:58:38 | 000,276,232 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\actionManager.dll
MOD - [2011/10/11 23:58:38 | 000,265,480 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\EventManager.dll
MOD - [2011/10/11 23:58:38 | 000,240,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\dispatcherServer.dll
MOD - [2011/10/11 23:58:31 | 000,622,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
MOD - [2011/10/11 23:58:28 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
MOD - [2011/10/11 23:58:28 | 000,071,168 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceManagerStarter.dll
MOD - [2011/10/11 23:58:27 | 000,444,416 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\DeviceProfile.dll
MOD - [2011/10/11 23:58:27 | 000,318,976 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\network.dll
MOD - [2011/10/11 23:58:27 | 000,018,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sealing.dll
MOD - [2011/10/11 23:58:26 | 000,289,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceOfferingManager.dll
MOD - [2011/10/11 23:58:25 | 001,110,016 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\serializer.dll
MOD - [2011/10/11 23:58:24 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
MOD - [2011/10/11 23:58:24 | 000,117,248 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\dispatcher.dll
MOD - [2011/10/11 23:58:24 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
MOD - [2011/10/11 23:58:23 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
MOD - [2011/10/11 23:58:23 | 000,224,256 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\CorePersistenceAPI.dll
MOD - [2011/10/11 23:58:23 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\liveUpdateUtility.dll
MOD - [2011/10/11 23:58:23 | 000,095,232 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\policyManager.dll
MOD - [2011/10/11 23:58:23 | 000,017,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\localMessage.dll
MOD - [2011/10/11 23:58:22 | 000,219,136 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\orchestrator.dll
MOD - [2011/10/11 23:58:22 | 000,126,464 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\SystemInfo.dll
MOD - [2011/10/11 23:58:22 | 000,125,952 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\uuid.dll
MOD - [2011/10/11 23:58:22 | 000,093,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\configurationManager.dll
MOD - [2011/10/11 23:58:22 | 000,030,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\logger.dll
MOD - [2011/10/11 23:58:21 | 001,019,392 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libeay32.dll
MOD - [2011/10/11 23:58:21 | 000,510,464 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\payload.dll
MOD - [2011/10/11 23:58:21 | 000,209,408 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ssleay32.dll
MOD - [2011/10/11 23:58:21 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
MOD - [2011/10/11 23:58:21 | 000,031,232 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ChannelAdapter.dll
MOD - [2011/08/27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011/08/27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011/05/24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011/05/24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011/05/12 08:31:58 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2011/05/12 08:31:58 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2011/05/12 08:31:58 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2011/04/12 02:40:48 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011/04/12 02:40:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
MOD - [2011/03/03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011/01/07 14:39:22 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2011/01/07 14:39:22 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll
MOD - [2010/11/21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010/11/21 04:24:50 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll
MOD - [2010/11/21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010/11/21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2010/11/21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010/11/21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010/11/21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2010/11/21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010/11/21 04:24:16 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010/11/21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010/11/21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2010/11/21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010/11/21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010/11/21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010/11/21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010/11/21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010/11/21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010/11/21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010/11/21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010/11/21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010/11/21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010/11/21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010/11/21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010/11/21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2010/11/21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010/11/21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010/11/21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010/11/21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010/11/21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010/11/21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010/11/21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010/11/21 04:24:00 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2010/11/21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010/11/21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010/11/21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010/11/21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010/11/21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010/11/21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010/11/21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010/11/21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010/11/21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010/11/21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010/11/21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010/11/01 23:54:16 | 008,167,936 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtGui4.dll
MOD - [2010/11/01 23:54:16 | 002,281,984 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
MOD - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
MOD - [2010/09/30 02:05:32 | 000,038,512 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\BrightMgr.dll
MOD - [2010/09/30 02:05:32 | 000,036,464 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\VFuj02b1.dll
MOD - [2010/09/30 02:05:32 | 000,020,080 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\fuj02b1.dll
MOD - [2010/09/21 22:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2010/09/10 15:28:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\imageformats\qico4.dll
MOD - [2010/09/10 15:27:52 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\imageformats\qjpeg4.dll
MOD - [2010/09/10 15:20:24 | 010,836,992 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtWebKit4.dll
MOD - [2010/09/10 13:07:10 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtScript4.dll
MOD - [2010/09/10 12:41:54 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\phonon4.dll
MOD - [2010/09/10 12:11:38 | 000,911,872 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
MOD - [2010/09/10 12:10:02 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
MOD - [2009/08/13 14:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe
MOD - [2009/07/14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/07/14 02:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWanAPI.dll
MOD - [2009/07/14 02:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wwapi.dll
MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009/07/14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009/07/14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/07/14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009/07/14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009/07/14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009/07/14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009/07/14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009/07/14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009/07/14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009/07/14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009/07/14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009/07/14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009/07/14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009/07/14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009/07/14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009/07/14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009/07/14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009/07/14 02:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009/07/14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009/07/14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009/07/14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009/07/14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009/07/14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009/07/14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009/07/14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2006/07/11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll
MOD - [2004/01/11 23:00:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll
MOD - [2003/03/19 04:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011/01/05 21:41:38 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2011/01/05 21:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2011/01/05 21:26:56 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2010/10/07 23:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:[b]64bit:[/b] - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/06/17 23:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/12/23 08:15:52 | 002,697,752 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/12/23 08:15:52 | 001,339,968 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2012/12/23 08:15:52 | 001,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2012/12/23 08:15:52 | 000,367,640 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/12/22 14:34:00 | 000,287,584 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc)
SRV - [2012/12/15 09:43:56 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/03/14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/04/15 03:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011/03/24 06:47:04 | 000,042,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WDKMD.sys -- (wdkmd)
DRV:[b]64bit:[/b] - [2011/03/24 06:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:[b]64bit:[/b] - [2011/03/24 06:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/02/18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011/01/04 03:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2010/12/28 19:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2010/11/04 13:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:[b]64bit:[/b] - [2010/11/04 11:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:[b]64bit:[/b] - [2010/10/20 02:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:[b]64bit:[/b] - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/10/14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2010/10/09 13:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2010/05/07 03:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009/11/19 13:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 01:01:09 | 000,679,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009/06/24 06:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2006/11/01 11:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:[b]64bit:[/b] - [2006/11/01 11:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2012/08/09 09:42:45 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/09 09:42:45 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {AB488C48-D7F7-41F2-BE8A-93F5CDE0662A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{AB488C48-D7F7-41F2-BE8A-93F5CDE0662A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{AB488C48-D7F7-41F2-BE8A-93F5CDE0662A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ig/redirectd [Binary data over 200 bytes]
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes\{AB488C48-D7F7-41F2-BE8A-93F5CDE0662A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_plPL489
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "v9"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "v9"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/23 12:03:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/23 12:15:22 | 000,000,000 | ---D | M]

[2012/06/28 10:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\Extensions
[2012/12/23 12:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\Firefox\Profiles\avn2kine.default\extensions
[2012/11/22 11:20:46 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\sklep\AppData\Roaming\mozilla\Firefox\Profiles\avn2kine.default\extensions\{8b9fe9be-f7dd-451e-ac96-0e568e0ecc10}
[2012/12/23 12:26:47 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/11/22 11:20:52 | 000,002,533 | ---- | M] () -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\searchplugins\aol-search.xml
[2012/12/23 12:13:22 | 000,003,998 | ---- | M] () -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\searchplugins\sweetim.xml
[2012/06/28 10:36:52 | 000,002,357 | ---- | M] () -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\searchplugins\winamp-web-search.xml
[2012/12/23 12:03:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/13 19:29:11 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/11/29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/06/28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/11/29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012/11/29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012/11/29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012/11/29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012/11/29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/11/29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.lnk ()
O4 - HKLM..\Run: [Intel AppUp(SM) center_Nagware] C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.lnk ()
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe ()
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Malwarebytes' Anti-Malware\mbamgui.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1ABEBA52-42BF-415B-A1B7-52E4900891C4}: NameServer = 89.108.195.20 89.108.202.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60AF6E04-1C97-4D2F-8437-983C3FF54BD9}: NameServer = 89.108.202.21 89.108.195.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9047CFF-97CE-4BEF-96FF-D1152B59F25B}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/17 16:27:22 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/10/10 18:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0d7285fc-c87a-11e1-a8ae-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{0d7285fc-c87a-11e1-a8ae-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{3f7f1081-bf7b-11e1-a9cc-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{3f7f1081-bf7b-11e1-a9cc-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{3f7f108e-bf7b-11e1-a9cc-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{3f7f108e-bf7b-11e1-a9cc-4c80933fa20e}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{77274670-bbc0-11e1-a38d-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{77274670-bbc0-11e1-a38d-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{77274708-bbc0-11e1-a38d-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{77274708-bbc0-11e1-a38d-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{d29483a8-c0fe-11e1-a95f-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{d29483a8-c0fe-11e1-a95f-4c80933fa20e}\Shell\AutoRun\command - "" = I:\Setup.exe
O33 - MountPoints2\{dd6d21be-0be1-11e2-9fad-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{dd6d21be-0be1-11e2-9fad-4c80933fa20e}\Shell\AutoRun\command - "" = F:\RunGame.exe
O33 - MountPoints2\{f90c0fb7-ccfb-11e1-a72b-4c80933fa20e}\Shell - "" = AutoRun
O33 - MountPoints2\{f90c0fb7-ccfb-11e1-a72b-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- C:\Windows\svchost.com "%1" %* ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- C:\Windows\svchost.com "%1" %* ()
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- C:\Windows\svchost.com "%1" %* ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- C:\Windows\svchost.com "%1" %* ()
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe - (McAfee, Inc.)
MsConfig:64bit - StartUpFolder: C:^Users^sklep^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Torpedo.lnk - - File not found
MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: [b]UCam_Menu[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig:64bit - StartUpReg: [b]YouCam Mirror Tray icon[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012/12/23 13:32:40 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\Zdjecia
[2012/12/23 13:32:10 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\Rejestr
[2012/12/23 13:30:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\OTL.exe
[2012/12/23 13:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/23 13:05:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/23 13:05:33 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2012/12/23 12:50:36 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Malwarebytes
[2012/12/23 12:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/12/23 12:15:22 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012/12/23 12:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2012/12/23 12:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2012/12/23 08:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineUpdate
[2012/12/23 08:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\log
[2012/12/22 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\NFS ProStreet
[2012/12/22 14:32:36 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\PunkBuster
[2012/12/22 10:47:55 | 000,000,000 | RH-D | C] -- C:\Users\sklep\AppData\Roaming\SecuROM
[2012/12/22 10:01:16 | 000,000,000 | ---D | C] -- C:\Users\sklep\Desktop\Od Daniela
[2012/12/19 19:02:56 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{8DA0E338-E044-4250-8C05-B8480195DF40}
[2012/12/17 18:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012/12/16 15:04:17 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\Deluxe Ski Jump 4
[2012/12/16 15:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4
[2012/12/15 17:36:17 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{78D14B6B-30D2-407C-82BE-75BA67E53740}
[2012/12/15 17:33:28 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{831B6800-491A-4BC7-B6DA-A8BDD97377C2}
[2012/12/15 16:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skoki Narciarskie 2004
[2012/12/15 16:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters
[2012/12/15 09:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012/12/15 09:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2012/12/09 11:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
[2012/12/08 12:41:06 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/12/08 12:41:06 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/12/08 12:41:06 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/12/08 12:41:06 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/12/08 12:41:05 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/12/08 12:41:05 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/12/08 12:41:05 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/12/08 12:41:05 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/12/08 12:41:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/12/08 12:41:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/12/08 12:41:03 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/12/08 12:41:03 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/12/08 12:28:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1C Publishing EU
[2012/12/08 12:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Publishing EU
[2012/12/07 20:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/12/07 20:12:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/07 19:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefront
[2012/12/07 19:22:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/12/02 20:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/12/02 20:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/12/02 19:27:24 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/12/02 19:27:24 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/12/02 19:27:23 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/12/02 19:27:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/12/02 19:27:22 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/12/02 19:27:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/12/02 19:27:22 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/12/02 19:27:22 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/12/02 19:27:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/12/02 19:27:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/12/02 19:27:21 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/12/02 19:27:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/12/02 19:27:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/12/02 19:27:20 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/12/02 19:27:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/12/02 19:27:16 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/12/02 19:27:16 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/12/02 19:27:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/12/02 19:27:16 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/12/02 19:27:16 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/12/02 19:27:16 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/12/02 19:27:16 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/12/02 19:27:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/12/02 19:27:15 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/12/02 19:27:15 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/12/02 19:27:15 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/12/02 19:27:15 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/12/02 19:27:14 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/12/02 19:27:14 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/12/02 19:27:14 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/12/02 19:27:14 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/12/02 19:27:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/12/02 19:27:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/12/02 19:27:13 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/12/02 19:27:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/12/02 19:27:12 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/12/02 19:27:12 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/12/02 19:27:12 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/12/02 19:27:12 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/12/02 19:27:11 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/12/02 19:27:11 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/12/02 19:27:11 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/12/02 19:27:11 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/12/02 19:27:10 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/12/02 19:27:10 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/12/02 19:27:10 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/12/02 19:27:10 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/12/02 19:27:09 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/12/02 19:27:09 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/12/02 19:27:08 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/12/02 19:27:08 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/12/02 19:27:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/12/02 19:27:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/12/02 19:27:08 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/12/02 19:27:08 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/12/02 19:27:07 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/12/02 19:27:07 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/12/02 19:27:06 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/12/02 19:27:06 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/12/02 19:27:06 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/12/02 19:27:06 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/12/02 19:27:05 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/12/02 19:27:05 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/12/02 19:27:05 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/12/02 19:27:05 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/12/02 19:27:04 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/12/02 19:27:04 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/12/02 19:27:04 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/12/02 19:27:04 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/12/02 19:27:03 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/12/02 19:27:03 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/12/02 19:27:03 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/12/02 19:27:03 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/12/02 19:27:03 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/12/02 19:27:03 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/12/02 19:27:02 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/12/02 19:27:02 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/12/02 19:27:02 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/12/02 19:27:02 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/12/02 19:27:01 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/12/02 19:27:01 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/12/02 19:27:01 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/12/02 19:27:01 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/12/02 19:26:59 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/12/02 19:26:59 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/12/02 19:26:59 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/12/02 19:26:59 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/12/02 19:26:58 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/12/02 19:26:58 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/12/02 19:26:58 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/12/02 19:26:58 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/12/02 19:26:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/12/02 19:26:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/12/02 19:26:58 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/12/02 19:26:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/12/02 19:26:57 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/12/02 19:26:57 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/12/02 19:26:57 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/12/02 19:26:57 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/12/02 19:26:53 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/12/02 19:26:53 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/12/02 19:26:52 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/12/02 19:26:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/12/02 19:26:52 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/12/02 19:26:52 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/12/02 19:26:52 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/12/02 19:26:52 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/12/02 19:26:51 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/12/02 19:26:51 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/12/02 19:26:50 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/12/02 19:26:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/12/02 19:26:49 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/12/02 19:26:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/12/02 19:26:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/12/02 19:26:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/12/02 19:26:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/12/02 19:26:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/12/01 16:17:03 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Rovio
[2012/11/25 12:53:15 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Tific
[2012/11/25 12:53:03 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\Symantec
[2012/11/18 16:30:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/11/18 16:05:18 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\GoPlayer_downloader
[2012/11/18 15:41:47 | 000,000,000 | ---D | C] -- C:\User Data
[2012/11/18 15:41:46 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\GoPlayer
[2012/11/18 15:37:16 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\Torpedo
[2012/11/18 12:04:01 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\18 WoS Haulin
[2012/11/18 12:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
[2012/11/18 12:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\18 Wheels of Steel Haulin
[2012/11/16 07:09:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/15 19:19:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/15 19:19:50 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/15 19:19:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/15 19:19:50 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/15 19:19:49 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/15 19:19:49 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/15 19:19:49 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/15 19:19:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/15 19:19:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/15 19:19:49 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/15 19:19:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/15 19:19:48 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/15 19:19:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/15 19:19:47 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/15 19:19:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/15 19:19:21 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/15 19:19:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/15 19:19:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/15 19:19:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/15 00:11:06 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/15 00:11:06 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/15 00:11:06 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/15 00:10:59 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/15 00:10:59 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/15 00:10:59 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/15 00:10:59 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/15 00:10:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/15 00:10:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/15 00:09:33 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/15 00:09:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/13 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{B83D7D1A-5401-4A40-A57F-C8EE5D695782}
[2012/11/13 19:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/12 06:45:01 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{EB9DFC3F-328C-4C39-ACA5-7A49D4208C58}
[2012/11/12 06:34:01 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{3995F340-48F8-4ACC-AD6C-AFC6A4E6C5D0}
[2012/11/02 15:02:32 | 000,000,000 | ---D | C] -- C:\Users\sklep\Desktop\Nowy folder (3)
[2012/11/02 14:34:16 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{51A6B1AF-F929-4F28-A516-052956392204}
[2012/10/27 16:20:26 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{A9FC08E6-C2B1-4A56-8180-D6DEE067DEFF}
[2012/10/26 11:39:47 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{D82C30C5-CA2E-412E-AB8F-C756462334AB}
[2012/10/24 14:52:41 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{78CA250A-B5DD-4F35-A641-9BA757BD2F1D}
[2012/10/24 14:36:45 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{780603F8-D9B8-42A9-99CE-8CA08450DC18}
[2012/10/24 14:31:55 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{C3629BEB-8D15-44D5-AE99-3416903FAE29}
[2012/10/24 14:07:45 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{A867EF02-6DC1-4218-8C2D-7C5749F2DAC7}

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012/12/23 13:54:24 | 004,194,304 | -HS- | M] () -- C:\Users\sklep\NTUSER.DAT
[2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2012/12/23 13:50:43 | 000,000,052 | ---- | M] () -- C:\Windows\directx.sys
[2012/12/23 13:27:04 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/23 13:17:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/23 13:11:28 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/23 13:11:28 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/23 13:08:53 | 001,662,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/23 13:08:53 | 000,737,980 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012/12/23 13:08:53 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/23 13:08:53 | 000,154,636 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012/12/23 13:08:53 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/23 13:05:34 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/23 13:04:17 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/23 13:04:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/12/23 13:04:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/23 13:04:04 | 1541,894,144 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/23 13:03:39 | 001,137,148 | -H-- | M] () -- C:\Users\sklep\AppData\Local\IconCache.db
[2012/12/23 12:20:47 | 000,041,472 | ---- | M] () -- C:\Windows\svchost.com
[2012/12/23 12:15:22 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012/12/23 12:03:41 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/15 09:20:57 | 000,126,054 | ---- | M] () -- C:\Users\sklep\Desktop\79.jpg
[2012/12/09 10:39:50 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/12/07 20:12:49 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/11/25 12:41:49 | 000,076,216 | ---- | M] () -- C:\Windows\SysNative\drivers\117afe766bdbd539.sys
[2012/11/15 19:47:55 | 000,066,208 | ---- | M] () -- C:\Users\sklep\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/11/15 19:47:14 | 000,288,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/27 14:47:28 | 170,938,873 | ---- | M] () -- C:\Users\sklep\Desktop\Klub Galeon - DJ Hazel (20.10.2012).mp3

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/12/23 13:05:34 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/23 13:03:39 | 001,137,148 | -H-- | C] () -- C:\Users\sklep\AppData\Local\IconCache.db
[2012/12/23 12:15:22 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012/12/23 12:14:02 | 000,002,231 | ---- | C] () -- C:\Users\sklep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
[2012/12/23 08:16:05 | 000,000,052 | ---- | C] () -- C:\Windows\directx.sys
[2012/12/23 08:15:38 | 000,041,472 | ---- | C] () -- C:\Windows\svchost.com
[2012/12/22 14:28:00 | 170,938,873 | ---- | C] () -- C:\Users\sklep\Desktop\Klub Galeon - DJ Hazel (20.10.2012).mp3
[2012/12/15 09:20:55 | 000,126,054 | ---- | C] () -- C:\Users\sklep\Desktop\79.jpg
[2012/12/07 20:12:49 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/02 20:03:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/12/02 20:03:21 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/11/25 12:41:49 | 000,076,216 | ---- | C] () -- C:\Windows\SysNative\drivers\117afe766bdbd539.sys
[2012/11/16 07:10:07 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/16 07:09:58 | 000,785,512 | ---- | C] () -- C:\Windows\SysNative\drivers\Wdf01000.sys
[2012/11/16 07:09:58 | 000,054,376 | ---- | C] () -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/15 19:19:22 | 000,198,656 | ---- | C] () -- C:\Windows\SysNative\drivers\WUDFRd.sys
[2012/11/15 19:19:22 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\drivers\WUDFPf.sys
[2012/11/15 19:19:21 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/15 00:11:02 | 003,149,824 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2012/11/15 00:10:59 | 001,914,248 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/11/15 00:10:59 | 000,045,568 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpipreg.sys
[2012/06/21 20:32:50 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\KMVIDC32.DLL
[2012/06/21 19:44:30 | 000,593,920 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/06/21 19:44:29 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2012/06/21 19:44:29 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/06/21 19:44:29 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/06/21 19:44:29 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2012/03/21 00:28:09 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012/03/21 00:28:09 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/03/21 00:28:09 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012/03/20 16:33:51 | 000,524,288 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000002.regtrans-ms
[2012/03/20 16:33:51 | 000,524,288 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000001.regtrans-ms
[2012/03/20 16:33:51 | 000,066,208 | ---- | C] () -- C:\Users\sklep\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/03/20 16:33:51 | 000,065,536 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TM.blf
[2012/03/20 16:33:50 | 004,194,304 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT
[2012/03/20 16:33:50 | 000,000,020 | -HS- | C] () -- C:\Users\sklep\ntuser.ini
[2011/05/12 08:11:47 | 001,637,966 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/02 01:21:18 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/02 01:21:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/05/02 01:21:12 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/05/02 01:21:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/02 01:21:06 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Fujitsu
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Fujitsu
[2012/12/09 11:01:54 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\DAEMON Tools Lite
[2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Fujitsu
[2012/03/20 16:42:03 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Fujitsu Launch Center
[2012/12/09 10:48:03 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\GoPlayer
[2012/12/23 12:57:18 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\GoPlayer_downloader
[2012/12/23 12:15:08 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\OpenCandy
[2012/06/21 18:21:48 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\PLAY ONLINE
[2012/12/01 16:17:03 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Rovio
[2012/11/25 12:53:15 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Tific

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012/12/23 13:04:04 | 1541,894,144 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe
[2012/12/23 13:04:09 | 2055,860,224 | -HS- | M] () -- C:\pagefile.sys

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_8d262bb914685338\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.21642_none_18a01f1dee8824aa\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys
[2009/07/14 01:00:13 | 000,006,656 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\cdrom.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008/06/06 13:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2011/04/12 02:40:22 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2011/04/12 02:40:22 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/12/23 13:41:26 | 000,259,656 | ---- | M] () MD5=4AEE5FED7BEFB3387234DD3AA2E5BDD6 -- C:\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< End of report >[/log]

Extras
[log]OTL Extras logfile created on: 12/23/2012 1:52:30 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1.91 Gb Total Physical Memory | 0.77 Gb Available Physical Memory | 40.13% Memory free
3.83 Gb Paging File | 2.32 Gb Available in Paging File | 60.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50.00 Gb Total Space | 5.86 Gb Free Space | 11.73% Space Free | Partition Type: NTFS
Drive D: | 395.13 Gb Total Space | 349.24 Gb Free Space | 88.39% Space Free | Partition Type: NTFS
Drive F: | 33.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SKLEP-FUJITSU | User Name: sklep | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.exe[@ = exefile] -- C:\Windows\svchost.com ()
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- C:\Windows\svchost.com ()

[HKEY_USERS\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- C:\Windows\svchost.com "%1" %* ()
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- C:\Windows\svchost.com "%1" %* ()
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07301401-D294-4C50-8DF4-B78F052BE391}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0785C062-9EDF-4DA3-8D6E-7341FF2E30A1}" = lport=445 | protocol=6 | dir=in | app=system |
"{0D3C7444-1C69-4E59-916B-3BB637F4E1A1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{17150756-01CB-4406-9EE1-246505B39279}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{30849A37-399C-429B-8EFA-2745336081DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{43BCFD70-4A23-423C-A567-A030B4876D1F}" = lport=137 | protocol=17 | dir=in | app=system |
"{700303FB-C795-4B9A-A801-59950F28E85F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{776CFCC2-0DBB-40FD-A694-15C0E03CF064}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B9A7BF9-A15E-4AE7-A397-0FD98B8684EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7D046662-52FC-4FB2-87EC-9B7B5C19E6AE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7F3233C3-A66F-4D19-89DF-A4BD35EC6A69}" = rport=137 | protocol=17 | dir=out | app=system |
"{8E1E1B79-64C8-47A3-A021-2788D4715BD5}" = rport=139 | protocol=6 | dir=out | app=system |
"{9B2951C4-EDFF-4583-988D-2648E68E9732}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9D666DC3-6FEC-4AC4-8169-47BC942FAD4D}" = rport=138 | protocol=17 | dir=out | app=system |
"{A9F27766-7C64-4290-AA22-76266DDD7A44}" = lport=139 | protocol=6 | dir=in | app=system |
"{AB147182-9829-46C0-8068-FC2B6A5A64AB}" = rport=445 | protocol=6 | dir=out | app=system |
"{ADC9B70A-2439-4A05-AE75-6EC04FA0E841}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B415F50B-1211-4949-99B7-05BDBF4A2333}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CAFA6D2C-9F91-48BA-9A48-B7EB87511179}" = lport=138 | protocol=17 | dir=in | app=system |
"{D58F6D80-9B61-4082-A946-D89DA141C7BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF7362D5-2BCC-4EE4-8050-A8AEBB53FEAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3AB3A43-5435-4EC9-9C65-846D35B4ADB4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FFF96442-F3C4-4DC5-9906-6EDA5BA31E71}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04462EE9-AFCC-4B94-A876-35A8A5706ECA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0714F232-E193-48C5-89DF-2D85CD326B77}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10326CF3-4BA5-4582-B097-A76B4704AA42}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{196A28DB-71CF-44B8-BAC4-A0BD5E82CFB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3D5036E5-2531-41A3-ADA3-EDB0AA4DC513}" = dir=in | name=core networking - system ip core |
"{3D6B8CC2-9062-401C-A995-5017ABD748BD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{43BDC9E2-8808-4193-BB6C-AFE4743953C0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4705023B-662B-49A7-B21D-34D398EF5745}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E4F28E9-501A-4F71-9DC4-B21ADA95FF96}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr9.exe |
"{5640200C-8E4C-43AA-A3B4-1D7DBE346928}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{5D42F6A9-C153-4B7B-AED8-63EB54D0E61A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{74E158D6-BB4F-48EE-A0AD-F56B45609B6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79B919AC-1015-4621-A074-582B23E57719}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7F15B47E-5BF9-491A-9201-196133556063}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{94D1037F-42C5-4421-9EFE-D44E383E61A7}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{A381E0E8-75E2-460B-AC69-E8D3BA0CFE69}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{ABA8B654-54F6-4ADA-B362-9391CF45304D}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{AD576577-7128-4F84-A1CF-E69DFFD4E14E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B62801D0-A7EF-4A80-B702-DBB774A00650}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B7063BC6-BFD2-4E63-B9F9-B3CBB5C4A562}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C2D91E0A-39D2-4EE4-A7B7-4DDE3D0B1679}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3B28FC3-0885-4878-9B3A-75CBBD60A6F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0AC4F18-AC8E-4C63-9A67-D07C0DFF5CB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D48DDF3F-EA16-411E-B8A4-A54674DD3251}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E4C8593B-EE53-488A-A914-1B2488A9213D}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E638C8B9-6070-4B7C-BD79-2F7F6A72061B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E77EFF8B-EB04-427D-B198-324EFA5BCFDD}" = dir=out | name=core networking - system ip core |
"{F7EF74F2-77D6-48AB-8F0E-F5178F7440B7}" = protocol=6 | dir=out | app=system |
"{FAD9F5BC-B01F-43EB-AB02-CD1B627D48A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FB5C97E7-B7D7-4055-AB03-8E83C223E871}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{966A3EAB-ABDA-46EA-84EC-965778B085FA}D:\fifa\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa\game\fifa.exe |
"TCP Query User{E5E7696F-C58E-4EFA-8D8E-F47E18A50C0F}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{A5D088CA-B913-40F0-8857-FE2A006E64F8}D:\fifa\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa\game\fifa.exe |
"UDP Query User{AEA7FB89-E96C-4B51-8155-FA42244C8B99}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{81FF29CE-2D23-45FC-8BDE-7491A15F2B02}" = NecroVisioN
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FE212F5-8BF7-4CD1-BFF3-650B7EBD5CAC}" = Theatre of War 2: Africa
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ALLPlayer V3.0_is1" = ALLPlayer V3.X
"DeskUpdate_is1" = DeskUpdate 4.11
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"Intel AppUp(SM) center 29342" = Intel AppUp(SM) center
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.0 Full
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Paintball Shooter" = Paintball Shooter
"PLAY ONLINE" = PLAY ONLINE
"RealAlt_is1" = Real Alternative 2.0.2
"Shockwave" = Shockwave
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1323287040.portal.qtrax.com" = Qtrax Player
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 12/23/2012 7:35:26 AM | Computer Name = sklep-Fujitsu | Source = Software Protection Platform Service | ID = 1001
Description = Nie można uruchomić usługi ochrony oprogramowania. 0xD0000022 6.1.7601.17514

Error - 12/23/2012 7:38:32 AM | Computer Name = sklep-Fujitsu | Source = Software Protection Platform Service | ID = 1001
Description = Nie można uruchomić usługi ochrony oprogramowania. 0xD0000022 6.1.7601.17514

Error - 12/23/2012 7:39:50 AM | Computer Name = sklep-Fujitsu | Source = Software Protection Platform Service | ID = 1001
Description = Nie można uruchomić usługi ochrony oprogramowania. 0xD0000022 6.1.7601.17514

Error - 12/23/2012 7:49:23 AM | Computer Name = sklep-Fujitsu | Source = WinMgmt | ID = 10
Description =

Error - 12/23/2012 7:58:07 AM | Computer Name = sklep-Fujitsu | Source = WinMgmt | ID = 10
Description =

Error - 12/23/2012 8:00:09 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2
Description =

Error - 12/23/2012 8:00:13 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2
Description =

Error - 12/23/2012 8:04:43 AM | Computer Name = sklep-Fujitsu | Source = WinMgmt | ID = 10
Description =

Error - 12/23/2012 8:06:24 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2
Description =

Error - 12/23/2012 8:06:26 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2
Description =

[ Media Center Events ]
Error - 9/2/2012 2:50:05 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 08:49:59 - Błąd podczas nawiązywania połączenia z Internetem. 08:49:59
- Nie można skontaktować się z serwerem..

Error - 9/2/2012 3:50:10 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 09:50:10 - Błąd podczas nawiązywania połączenia z Internetem. 09:50:10
- Nie można skontaktować się z serwerem..

Error - 9/2/2012 3:50:16 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 09:50:15 - Błąd podczas nawiązywania połączenia z Internetem. 09:50:15
- Nie można skontaktować się z serwerem..

Error - 9/7/2012 11:31:07 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 17:31:06 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:06
- Nie można skontaktować się z serwerem..

Error - 9/7/2012 11:31:16 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 17:31:12 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:12
- Nie można skontaktować się z serwerem..

Error - 9/7/2012 12:31:27 PM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 18:31:27 - Błąd podczas nawiązywania połączenia z Internetem. 18:31:27
- Nie można skontaktować się z serwerem..

Error - 9/7/2012 12:31:38 PM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 18:31:32 - Błąd podczas nawiązywania połączenia z Internetem. 18:31:32
- Nie można skontaktować się z serwerem..

Error - 9/8/2012 11:27:33 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 17:27:32 - Błąd podczas nawiązywania połączenia z Internetem. 17:27:33
- Nie można skontaktować się z serwerem..

Error - 9/8/2012 11:27:43 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 17:27:38 - Błąd podczas nawiązywania połączenia z Internetem. 17:27:38
- Nie można skontaktować się z serwerem..

Error - 9/16/2012 4:41:41 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0
Description = 10:41:35 - Błąd podczas nawiązywania połączenia z Internetem. 10:41:35
- Nie można skontaktować się z serwerem..

[ System Events ]
Error - 10/14/2012 2:41:22 PM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą PLAY ONLINE. OUC.

Error - 10/14/2012 2:41:22 PM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
błędu: %%1053

Error - 10/15/2012 4:37:20 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą PLAY ONLINE. OUC.

Error - 10/15/2012 4:37:20 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
błędu: %%1053

Error - 10/15/2012 8:27:41 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą PLAY ONLINE. OUC.

Error - 10/15/2012 8:27:41 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
błędu: %%1053

Error - 10/15/2012 9:30:04 AM | Computer Name = sklep-Fujitsu | Source = volsnap | ID = 393252
Description =

Error - 10/15/2012 10:39:37 AM | Computer Name = sklep-Fujitsu | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 16:38:42 na ?2012-?10-?15 było
nieoczekiwane.

Error - 10/15/2012 10:39:52 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą PLAY ONLINE. OUC.

Error - 10/15/2012 10:39:52 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego
błędu: %%1053


< End of report >[/log]

Skan Malwarebytes
[log]Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Wersja bazy: v2012.12.23.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sklep :: SKLEP-FUJITSU [administrator]

2012-12-23 13:09:30
mbam-log-2012-12-23 (13-46-08).txt

Typ skanowania: Pełne skanowanie (C:\|D:\|)
Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania: P2P
Przeskanowano obiektów: 312876
Upłynęło: 33 minut(y), 51 sekund(y)

Wykrytych procesów w pamięci: 1
c:\windows\installer\{1bab117e-2744-3882-54be-2440349a0960}\syshost.exe (Trojan.Agent) -> 1696 -> Nie wykonano akcji.

Wykrytych modułów w pamięci: 0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru: 58
HKCR\TypeLib\{D5B25613-B7D8-455E-BAC4-58A6DC1D7FCC} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{A6A69A1D-2F7F-4896-8BFD-B762C12AFB7D} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\Bluetooth Media Service (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{D37B5B2C-8D1B-4832-89E4-6FCE903B3A18} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\RichVideo (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{3FA81047-5A4E-4080-BFFF-5975AE5E06D0} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{4B436489-7BDC-40D7-81FC-563B2E7D2F07} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\Bluetooth OBEX Service (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\LMS (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\PLAY ONLINE. RunOuc (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{9853D245-3E9D-4946-895A-F30D6396DEA6} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{0B810B0A-AF72-4974-B47C-BFC1C0C4F770} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\UNS (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DeskUpdate_is1 (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{A7D71146-EBCD-4E6C-916C-E77865BCC53B} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{8CA6C1BB-BE62-4739-80AB-D5ECC7605358} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{41738EEA-442F-477F-92CF-2889BD6CD7E7} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{D3F22039-E3CF-4FC4-9A30-426A46056B8C} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{91814EB1-B5F0-11D2-80B9-00104B1F6CEA} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{0BA4BA22-2EF0-11D3-88C8-00C04F72F303} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{399C37FB-08AF-493B-BFED-20FBD85EDF7F} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{49A588CF-5FD4-4774-BFBF-0764287DE82B} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81FF29CE-2D23-45FC-8BDE-7491A15F2B02} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FE212F5-8BF7-4CD1-BFF3-650B7EBD5CAC} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96AE7E41-E34E-47D0-AC07-1091A8127911} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9AB97F52-512B-43EF-AAEC-4825C17B32ED} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{D75A5D20-5D60-431B-9A34-0C6AD697F5E0} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{2D0DFF62-A867-4350-8DF0-48164EB1644B} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Intel AppUp(SM) center 29342 (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1 (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ALLPlayer V3.0_is1 (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PLAY ONLINE (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealAlt_is1 (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{92980B1C-033B-4B23-81C7-881168CBFFC9} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{18362938-DDA0-40AC-99CA-1FE49DC8B699} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MOVIEMAKER.EXE (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WLXALBUMDOWNLOADWIZARD.EXE (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{5AB7792C-0F76-4003-AA47-5F075165D4DE} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{5AB59828-D660-489E-AC97-F1996D5129B0} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\TypeLib\{9B5C8343-BDEE-475D-9D3B-3715C6B8972E} (Trojan.Agent) -> Nie wykonano akcji.
HKCR\Interface\{9B5C3F21-CE7D-4EB7-8166-D1E09F30FF5E} (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver (Trojan.Agent) -> Nie wykonano akcji.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSHOST32 (Trojan.Agent) -> Nie wykonano akcji.

Wykrytych wartości rejestru: 13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SweetIM (Trojan.Agent) -> Data: C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Sweetpacks Communicator (Trojan.Agent) -> Data: C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEO.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\ENGINE\6\INTEL 32\IKERNEL.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\PROFESSIONAL\RUNTIME\11\50\INTEL32\ISBEW64.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXCPYA64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXCPYI64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXHPINST.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXINSA64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXINSI64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\EFFECTEXTRACTOR.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEOINSTALL.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji.
HKLM\SYSTEM\CurrentControlSet\Services\syshost32|ImagePath (Trojan.Agent) -> Data: "C:\Windows\Installer\{1BAB117E-2744-3882-54BE-2440349A0960}\syshost.exe" /service -> Nie wykonano akcji.

Wykryte wpisy rejestru systemowego: 1
HKCR\exefile\shell\open\command| (Broken.OpenCommand) -> Złe: (C:\Windows\svchost.com "%1" %*) Dobre: ("%1" %*) -> Nie wykonano akcji.

wykrytych folderów: 0
(Nie znaleziono zagrożeń)

Wykrytych plików: 251
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\DeskUpdate\DeskUpdate.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\DeskUpdate\ducmd.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\DeskUpdate\infinst64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\DeskUpdate\unins000.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\Google\FTSE_Google_Software_Installer.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\Nero\SetupX.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\Nero\Nero 9 Essentials\ipclog.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Programs\Nero\Nero 9 Essentials\setupx.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Webcam\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Fujitsu\Webcam\vcredist_x86.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\18 Wheels of Steel Haulin\haulin.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\18 Wheels of Steel Haulin\prism3d.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\18 Wheels of Steel Haulin\uninst.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\1C Publishing EU\NecroVisioN\Bin\NecroVisioN.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\1C Publishing EU\NecroVisioN\support\DirectX\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1045-7B44-A91000000001}\Setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\serviceManagerIWD.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\WiDiConnectTest64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\WiFiDnSServer.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpya64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpyi64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\PX Storage Engine\pxhpinst.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsa64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsi64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\SNP2UVC\vsnp2uvc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Software Update Utility\dnu.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Windows Live\.cache\92f317d51cc107501\Silverlight.4.0.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Windows Live\.cache\93381fbd1cc107502\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Common Files\Windows Live\.cache\939032a71cc107503\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\CES_AudioCacheAgent.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\CES_CacheAgent.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\MotionMenuGenerator.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\PDHanumanSvr.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\PDR9.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\UACAgent.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\BigBang\CLUpdater.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\OLRSubmission\OLRStateCheck.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\OLRSubmission\OLRSubmission.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\PowerDirector\PDR32Agent\PDR32Agent.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\Shared files\EffectExtractor.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\Shared files\richvideoinstall.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\YouCam\OLRSubmission\OLRStateCheck.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\YouCam\OLRSubmission\OLRSubmission.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\CyberLink\YouCam\subsys\BigBang\Runtime\CLUpdater.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdate.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdateBroker.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdateSetup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\Download\{1BAE3D4B-BAAC-4A5B-A308-6409A33A08E3}\GoogleUpdateSetup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123\GoogleUpdateSetup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3230.2052\GoogleToolbarInstaller_updater_signed.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{4108974B-DE87-4AD4-9167-930C62C45691}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{49A588CF-5FD4-4774-BFBF-0764287DE82B}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{6226477E-444F-4DFE-BA19-9F4F7D4565BC}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{81FF29CE-2D23-45FC-8BDE-7491A15F2B02}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{8FE212F5-8BF7-4CD1-BFF3-650B7EBD5CAC}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\Setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{C8E4B31D-337C-483D-822D-16F11441669B}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\CLZipTool.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{EC314CDF-3521-482B-A21C-65AC95664814}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Bluetooth\btmsrvview.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Bluetooth\libRun.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Bluetooth\CoexDrivers\Dpinst64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\uninstall\Setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\uninstall\x64\Drv64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\Setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\x64\Drv64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\run_uninstaller.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\uninstall.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\bin\arh.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\bin\CrashReportSender.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismShutdownTool.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\bin\jrh.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\bin\MappingClient.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\bin\MessageMediator.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel\IntelAppStore\bin\orphan_app_sync.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel Corporation\Intel WiDi\iwdaud_helper.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel Corporation\Intel WiDi\AudioDriver\iwdaud_helper.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Intel Corporation\Intel WiDi\Certificates\CertMgr.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mplayerc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\K-Lite Codec Pack\tools\fixcodecs.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\K-Lite Codec Pack\tools\graphedit.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\K-Lite Codec Pack\tools\gspot\gspot.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\MarBit\ALLPlayer\ALLPlayer.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\MarBit\ALLPlayer\DivXMux.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\MarBit\ALLPlayer\unins000.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\McAfee Security Scan\uninstall.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\McAfee Security Scan\3.0.285\mcuicnt.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires2.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires22.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Microsoft Office\Options14\OOBESTUB.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\AddPbk.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\mt.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\subinacl.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\uninst.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\XStartScreen.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\AutoRun\AutoRunSetup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\AutoRun\AutoRunUninstall.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\Driver\devsetup32.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\Driver\devsetup64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\Driver\DriverSetup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\Driver\DriverUninstall.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\UpdateDog\LiveUpd.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\PLAY ONLINE\UpdateDog\RunOuc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Play.com.pl\Paintball Shooter\Paintball.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Real Alternative\mpclauncher.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Real Alternative\settings.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Real Alternative\unins000.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Real Alternative\Update_OB\upgrdhlp.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\revcon.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RmbChange.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Installer\defmgr.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Installer\LangSelector.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Installer\wlarp.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Installer\wlsettings.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Installer\wlstartup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXCodecHost.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\WinRAR\Rar.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\WinRAR\Uninstall.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\WinRAR\UnRAR.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Program Files (x86)\WinRAR\WinRAR.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\DatacardService\DCService.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\DatacardService\HWDeviceService.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\setup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.cs-cz\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.cs-cz\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.en-us\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.en-us\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.es-es\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.es-es\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.fr-fr\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.fr-fr\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pl-pl\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pl-pl\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pt-pt\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pt-pt\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.sk-sk\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.sk-sk\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\cs-cz\Office.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\cs-cz\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\cs-cz\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\Office.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\es-es\Office.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\es-es\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\es-es\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\fr-fr\Office.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\fr-fr\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\fr-fr\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\pl-pl\Office.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\pl-pl\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\pl-pl\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\pt-pt\Office.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\pt-pt\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\pt-pt\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\sk-sk\Office.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\sk-sk\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\Microsoft\OEMOffice14\OStarter\sk-sk\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\PLAY ONLINE\OnlineUpdate\LiveUpd.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Users\sklep\AppData\Local\Microsoft\Windows Live\Installer\Catalog\wlsetup.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Users\sklep\AppData\Local\Temp\MSS\3.0.285.6\McUICnt.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Users\sklep\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\k3yp5ojf\marw9mf4.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Users\sklep\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\nraf31sv\npjrsbha.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Users\sklep\AppData\Roaming\OpenCandy\3E516B6657814A77A43344ED47B6C914\pcspeedup_oc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Users\sklep\AppData\Roaming\PLAY ONLINE\ouc.exe (Trojan.Agent) -> Nie wykonano akcji.
C:\Windows\svchost.com (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\unins000.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\Game\Core\activation.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\Game\Core\EACoreServer.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\Game\Core\EAProxyInstaller.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\Game\Core\PatchProgress.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\Game\fifasetup\fifaconfig.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\__Installer\Cleanup.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\__Installer\Touchup.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\__Installer\directx\redist\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\__Installer\vc\vc2008sp1\redist\vcredist_x64.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\Fifa\__Installer\vc\vc2008sp1\redist\vcredist_x86.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\hard\18_Wheels_of_Steel_Pedal_to_the_Metal\18 Wheels of Steel Pedal to the Metal\pp_1.1_patch.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\mini gry\mario.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\mini gry\BarbarianReturnsV1.10\Barbarian.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\nfs\EXPLORER.EXE (Password.Stealer) -> Nie wykonano akcji.
D:\nfs\lpl.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\nfs\ProStreet.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\nfs\PB\PnkBstrA.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\nfs\PB\PnkBstrB.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\nfs\Support\Need for Speed ProStreet_code.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\nfs\Support\Need for Speed ProStreet_uninst.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\war\options.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\war\MissionEditor\MissionGen.exe (Trojan.Agent) -> Nie wykonano akcji.
D:\war\rt\bin\unpack200.exe (Trojan.Agent) -> Nie wykonano akcji.
c:\windows\syshost.exe (Trojan.Downloader) -> Nie wykonano akcji.
c:\users\sklep\appdata\local\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji.
c:\windows\serviceprofiles\localservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji.
c:\windows\serviceprofiles\networkservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji.
c:\windows\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji.
c:\windows\installer\{1bab117e-2744-3882-54be-2440349a0960}\syshost.exe (Trojan.Agent) -> Nie wykonano akcji.

(zakończone)[/log]

Gość
komentarz
komentarz (edytowane)

Wesołych Świąt :)
1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b]


Wklej

[code]

:OTL
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...D-4C80933FA20E}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim....D-4C80933FA20E}
IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...D-4C80933FA20E}
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "v9"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "v9"
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe ()
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found
:Files
C:\Users\sklep\AppData\Local\Temp\3582-490\SweetIM.exe
C:\Program Files (x86)\SweetIM
C:\ProgramData\SweetIM
C:\Windows\svchost.com

:Commands
[emptytemp]
[/code]

Kliknij [b]Wykonaj skrypt[/b]

[quote]

O35:64bit: - HKLM\..exefile [open] -- [b]C:\Windows\svchost.com[/b] "%1" %* ()
O35 - HKLM\..exefile [open] -- [b]C:\Windows\svchost.com[/b] "%1" %* ()
O37:64bit: - HKLM\...exe [@ = exefile] -- [b]C:\Windows\svchost.com[/b] "%1" %* ()
O37 - HKLM\...exe [@ = exefile] -- [b]C:\Windows\svchost.com[/b] "%1" %* ()

[2012/12/23 13:50:43 | 000,000,052 | ---- | M] () -- [b]C:\Windows\directx.sys[/b]
[2012/12/23 12:20:47 | 000,041,472 | ---- | M] () -- [b]C:\Windows\svchost.com[/b]


[/quote]To oznaka paskudnego wirusa infekującego pliki wykonywalne neshta



[quote]



[2010/11/21 04:23:47 | 000,147,456 | ---- | M] () [b]Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:00:13 | 000,006,656 | ---- | M] () [b]Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\beep.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] () [b]Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] () [b]Unable to obtain MD5 [/b]-- C:\Windows\SysNative\drivers\AGP440.sys

[2012/11/25 12:41:49 | 000,076,216 | ---- | C] () -- C:\Windows\SysNative\drivers\[b]117afe766bdbd539.sys[/b]
[/quote]
To mi wyglada bardzo nie przyjemnie jakby system był zainfekowany necursem ale sterownika w wpisach nie widzę

robisz tak:
Skan [url="http://support.kaspersky.com/downloads/utils/tdsskiller.exe"]Kaspersky TDSS killer[/url]

jeżeli wykryje ten sterownik który podkreśliłem na czerwono zostawiasz mu domyślną akcje powinna to być delete ale nie jestem pewien zezwolisz mu na dezynfekcje i podasz z tego log

Wyskanujesz system skanerem [url="http://pc-com.pl/topic/8-poradnik-infekcje-w-plikach-wykonywalnych/#entry68"]Dr.Web cureIT[/url](pełne skany) tyle razy az nie wykryje zainfekowanego pliku (zarażone pliki maja być leczone a co się nie da usuwane)

Podasz nowy log z [url="http://support.kaspersky.com/downloads/utils/tdsskiller.exe"]TDSS killer[/url](akcje ustawisz na skip)
I nowy log z OTL

pawel78963
komentarz
komentarz

Mogę wykonać sam skrypt?

Gość
komentarz
komentarz

tak
wykonujesz skrypt po tym tdss killer i Dr.web do puki nie zwróci 0 zainfekowanych plików (oczywiście pełne skany) po tym nowy z tdss killera i OTL

pawel78963
komentarz
komentarz

Może się coś stać jeśli wykonam sam skrypt bez wykonania skanów tdss killer itd.? Wolę być ostrożny to nie mój laptop.

Natsuki Kuga
komentarz
komentarz

[quote name='pawel78963' timestamp='1356290774' post='1651688']
Może się coś stać jeśli wykonam sam skrypt bez wykonania skanów tdss killer itd.? Wolę być ostrożny to nie mój laptop.
[/quote]
Sam skrypt nie wyleczy infekcji plików wykonywalnych. Albo wykonasz wszystko albo nic.

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.