Dodam też, że pulpit ładuje mi się znacznie dłużej niż kiedyś - ok. minuty. I często pojawiają się "krzaczki" czy "artefakty" na monitorze, ale po poruszaniu ekranem albo podpięciu zasilania znikają. Z tym ostatnim byłem w serwisie, ale jak na złość wtedy wszystko działało ok i zwrócili mi laptopa z powrotem.
W załącznikach dołączam logi.Będę wdzięczny za pomoc i rady.
Logi:
1. OTL.txt
- Kod: Zaznacz wszystko
OTL logfile created on: 11/24/2012 7:38:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MATEUSZ\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2.00 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 49.68% Memory free
4.00 Gb Paging File | 2.52 Gb Available in Paging File | 63.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58.22 Gb Total Space | 17.75 Gb Free Space | 30.48% Space Free | Partition Type: NTFS
Drive D: | 160.02 Gb Total Space | 39.35 Gb Free Space | 24.59% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: MATEUSZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012/11/24 19:37:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MATEUSZ\Downloads\OTL.exe
PRC - [2012/11/09 15:40:59 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/10/20 21:28:14 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012/06/12 17:22:46 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/04/29 10:30:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009/11/03 18:49:09 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/16 02:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/09/03 19:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/20 05:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/08/17 18:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/08/12 23:20:46 | 000,178,816 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/24 21:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 00:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/05/14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008/12/23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 05:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/07/19 04:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/11/09 15:40:24 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/10/20 21:28:13 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2009/09/16 02:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/03 19:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2008/08/28 01:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 18:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/15 19:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 02:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe /service -- (TMBMServer)
SRV:[b]64bit:[/b] - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:[b]64bit:[/b] - [2012/09/12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2012/09/12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2011/11/23 11:27:10 | 001,267,000 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV:[b]64bit:[/b] - [2009/09/17 20:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2012/11/09 15:40:58 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/12 17:22:46 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/05/31 16:26:34 | 000,374,160 | ---- | M] (Privacyware/PWI, Inc.) [Auto | Running] -- C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\pfsvc.exe -- (PFNet)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/15 02:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/03/31 11:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/08/30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2012/05/25 17:34:42 | 000,128,616 | ---- | M] (Privacyware/PWI, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pwipf6.sys -- (pwipf6)
DRV:[b]64bit:[/b] - [2012/03/01 07:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/07/30 18:30:26 | 000,309,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:[b]64bit:[/b] - [2010/07/30 18:30:20 | 000,042,576 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:[b]64bit:[/b] - [2010/07/30 18:24:14 | 001,988,176 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:[b]64bit:[/b] - [2009/11/03 18:49:47 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:[b]64bit:[/b] - [2009/10/05 02:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/08/22 10:38:33 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2009/08/21 07:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009/08/18 04:44:19 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/09 04:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/05 11:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/05/13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2008/12/08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2007/07/24 20:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{30F5AB16-9F1E-4E99-93F2-ECB9ABB0EC12}: "URL" = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzuzytD0EyC0B0AyCtAyCtBzyzz0FyCyBtAtN0D0Tzu0CtBtCyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=765891326
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = about:blank
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_pl
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "v9"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.selectedEngine: "v9"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@searchya.com:1.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/09 15:41:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/09 15:40:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/09 15:41:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/09 15:40:13 | 000,000,000 | ---D | M]
[2011/01/26 18:49:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MATEUSZ\AppData\Roaming\mozilla\Extensions
[2012/10/23 14:05:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MATEUSZ\AppData\Roaming\mozilla\Firefox\Profiles\c16d6wqh.default\extensions
[2012/08/01 13:42:30 | 000,000,000 | ---D | M] (searchya.com) -- C:\Users\MATEUSZ\AppData\Roaming\mozilla\Firefox\Profiles\c16d6wqh.default\extensions\ffxtlbr@searchya.com
[2012/08/01 13:42:58 | 000,002,335 | ---- | M] () -- C:\Users\MATEUSZ\AppData\Roaming\mozilla\firefox\profiles\c16d6wqh.default\searchplugins\Search.xml
[2012/11/09 15:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/09 15:40:59 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/12/21 10:14:26 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012/08/31 17:12:40 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012/08/31 17:12:40 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012/08/31 17:12:40 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012/08/31 17:12:40 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012/08/31 17:12:40 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012/08/31 17:12:40 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Web Search ()
CHR - default_search_provider: search_url = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzuzytD0EyC0B0AyCtAyCtBzyzz0FyCyBtAtN0D0Tzu0CtBtCyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=765891326
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - homepage: http://www.searchya.com/?s=0&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzuzytD0EyC0B0AyCtAyCtBzyzz0FyCyBtAtN0D0Tzu0CtBtCyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=765891326
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe (ECAREME)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Privatefirewall] C:\Program Files (x86)\Privacyware\Privatefirewall 7.0\PFGUI.exe (Privacyware/PWI, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Funkcja Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3578728466-2159932351-3549711082-1000\..Trusted Domains: wrzuta.pl ([]https in Zaufane witryny)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{143CFE6E-6CD5-49D3-9945-0BCD9FD981D0}: DhcpNameServer = 62.179.1.63 62.179.1.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7EB02F2-B9DA-46A0-B9D9-18D587CA24E6}: NameServer = 149.156.67.233,149.156.89.30
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7ab5938a-08d0-11e2-a430-90e6ba636298}\Shell - "" = AutoRun
O33 - MountPoints2\{7ab5938a-08d0-11e2-a430-90e6ba636298}\Shell\AutoRun\command - "" = F:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/11/11 19:16:07 | 000,000,000 | ---D | C] -- C:\Users\MATEUSZ\AppData\Roaming\Malwarebytes
[2012/11/11 19:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/11 19:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/11/11 19:13:27 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/11/11 19:13:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/11/10 22:41:20 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/11/10 22:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/11/10 22:40:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/11/10 21:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/11/10 21:00:41 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2012/11/09 15:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[34 C:\Users\MATEUSZ\Documents\*.tmp files -> C:\Users\MATEUSZ\Documents\*.tmp -> ]
[2 C:\Users\MATEUSZ\Desktop\*.tmp files -> C:\Users\MATEUSZ\Desktop\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/11/24 19:39:16 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 19:39:16 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/24 19:35:40 | 002,362,368 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/24 19:35:40 | 000,693,692 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012/11/24 19:35:40 | 000,635,286 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2012/11/24 19:35:40 | 000,619,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/24 19:35:40 | 000,148,066 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2012/11/24 19:35:40 | 000,134,730 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012/11/24 19:35:40 | 000,105,300 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/24 19:31:31 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/24 19:31:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/24 19:30:52 | 1610,035,200 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/24 19:18:11 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/23 18:35:55 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/11/14 18:23:19 | 000,418,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/11 22:29:08 | 000,000,000 | -H-- | M] () -- C:\Users\MATEUSZ\Documents\Default.rdp
[2012/11/11 22:06:24 | 000,002,558 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/11/11 19:13:38 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/10 22:41:21 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012/11/10 22:41:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[34 C:\Users\MATEUSZ\Documents\*.tmp files -> C:\Users\MATEUSZ\Documents\*.tmp -> ]
[2 C:\Users\MATEUSZ\Desktop\*.tmp files -> C:\Users\MATEUSZ\Desktop\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/11/11 22:29:08 | 000,000,000 | -H-- | C] () -- C:\Users\MATEUSZ\Documents\Default.rdp
[2012/11/11 19:13:38 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/11/10 22:41:21 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012/10/12 14:44:15 | 000,000,021 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Roaming\ISOWorkshop.ini
[2012/08/01 16:45:04 | 000,000,146 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/08/01 13:41:21 | 000,384,835 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Local\speeddial.crx
[2012/07/31 15:48:08 | 000,100,913 | ---- | C] () -- C:\ProgramData\1343745966.bdinstall.bin
[2012/07/31 15:43:45 | 000,212,879 | ---- | C] () -- C:\ProgramData\1343745483.bdinstall.bin
[2012/07/31 15:37:11 | 000,035,074 | ---- | C] () -- C:\ProgramData\1343745343.bdinstall.bin
[2012/06/12 17:22:50 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/06/12 17:22:46 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/05/29 13:31:52 | 000,017,408 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Local\WebpageIcons.db
[2012/03/23 17:44:31 | 000,459,989 | ---- | C] () -- C:\ProgramData\1332519764.bdinstall.bin
[2012/03/23 16:08:34 | 000,000,699 | ---- | C] () -- C:\Users\MATEUSZ\MATEUSZ — skrót.lnk
[2012/01/30 13:19:59 | 002,363,902 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/17 22:03:52 | 000,000,000 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Local\{29D4ED02-F61C-429F-B1C8-A2B927B69369}
[2011/05/31 17:31:51 | 000,000,000 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Local\{BFD8B04C-C0CE-4590-9E19-4006F82D3FDF}
[2011/05/18 13:57:39 | 000,000,000 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Local\{D9217A5D-9024-4EFD-8AAB-9ED839D0624D}
[2011/05/11 16:21:51 | 000,003,584 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/12 20:02:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/28 10:04:43 | 000,000,005 | ---- | C] () -- C:\Windows\treeskp.sys
[2010/11/28 10:04:43 | 000,000,005 | ---- | C] () -- C:\Windows\sbacknt.bin
[2010/01/24 21:47:44 | 000,007,597 | ---- | C] () -- C:\Users\MATEUSZ\AppData\Local\Resmon.ResmonCfg
[2009/11/03 18:29:44 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[1992/05/28 19:57:06 | 000,193,786 | ---- | C] () -- C:\ProgramData\707079319.bdinstall.bin
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2012-07-27 11:38:33 | 000,000,000 | -HSD | M] -- C:\Users\MATEUSZ\AppData\Roaming\.#
[2011-03-04 18:53:32 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Aladdin Systems
[2009-12-24 03:29:08 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Asus WebStorage
[2010-05-21 19:59:11 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\DAEMON Tools Lite
[2012-06-22 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\DC++
[2011-09-22 16:41:16 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Dropbox
[2010-10-12 17:35:18 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\EeeStorageUploader
[2012-10-12 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Epson
[2010-10-06 22:39:36 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Gadu-Gadu 10
[2010-07-24 09:45:15 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\GameConsole
[2010-09-26 22:52:31 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\IconTweaker
[2011-09-30 13:21:37 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\ipla
[2010-09-02 16:43:14 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Mount&Blade
[2012-07-30 21:20:43 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Mount&Blade Warband
[2011-12-07 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\NapiProjekt
[2010-10-06 22:37:49 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\OpenFM
[2012-06-12 17:22:41 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\PunkBuster
[2012-03-23 17:23:47 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\QuickScan
[2011-06-10 14:22:59 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\SecondLife
[2010-01-26 15:23:46 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\SPORE Creature Creator
[2010-12-01 12:22:41 | 000,000,000 | ---D | M] -- C:\Users\MATEUSZ\AppData\Roaming\Utherverse
[2012-11-10 22:08:46 | 000,000,000 | ---D | M] -- C:\Users\Mateusz1\AppData\Roaming\ArcaVirMicroScan
[2011-01-26 17:30:27 | 000,000,000 | ---D | M] -- C:\Users\Mateusz1\AppData\Roaming\Asus WebStorage
[2012-10-18 18:10:47 | 000,000,000 | ---D | M] -- C:\Users\Mateusz1\AppData\Roaming\Epson
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:15024E60
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:734E442A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:A724744F
< End of report >
2. Extras.txt:
- Kod: Zaznacz wszystko
OTL Extras logfile created on: 11/24/2012 7:38:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MATEUSZ\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2.00 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 49.68% Memory free
4.00 Gb Paging File | 2.52 Gb Available in Paging File | 63.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58.22 Gb Total Space | 17.75 Gb Free Space | 30.48% Space Free | Partition Type: NTFS
Drive D: | 160.02 Gb Total Space | 39.35 Gb Free Space | 24.59% Space Free | Partition Type: NTFS
Computer Name: LAPTOP | User Name: MATEUSZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-3578728466-2159932351-3549711082-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FF16091-E28D-413B-ACF5-AA4B42864D4B}" = rport=138 | protocol=17 | dir=out | app=system |
"{195F5722-8D9C-4BC9-8C6D-12103BE7246E}" = lport=139 | protocol=6 | dir=in | app=system |
"{2BB09148-1A48-4A5E-981A-410CA4B72FAA}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2C37A2F7-7605-4ED3-BEF9-CB71BDEBF675}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{2D771570-93E7-4D1C-B618-079FBCB135F1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{300965E6-BF7B-4A35-A289-2F6035B9A122}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{39484D86-0F37-4019-B798-7A31BA2A6CD3}" = lport=137 | protocol=17 | dir=in | app=system |
"{50F277D6-9604-41F9-83EB-E342EBE3E5D5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{56648AB1-2D1B-40B6-9CC9-E47237EB9560}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C87DC29-C23A-40E8-B3BD-C4F1E70AC2DC}" = lport=138 | protocol=17 | dir=in | app=system |
"{5FEA4DB1-AB45-49A7-AA09-C26DBB51DFC3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{72D4CFAD-4C6A-47B1-A54B-FE097C755584}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7836A66B-41F3-4198-8F98-C8E8698FDB4A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7CE13579-6109-4AED-A078-D601F3D02AAF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{91A2D048-7EE2-48DA-AE8E-143CAE64B7F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{958323D7-8ED7-4963-9763-1C8DAECA3584}" = rport=137 | protocol=17 | dir=out | app=system |
"{A328AB75-1641-4503-8265-5EEEB70ADE5A}" = rport=139 | protocol=6 | dir=out | app=system |
"{B0D1CF1E-FBAD-4E29-B7E0-0A2A0969F3ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3C70EF1-08E8-4A21-A8C6-D7A072FEFB45}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BBC306EC-94E0-448E-AEC7-D073DD77DA79}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BC69CFA9-81CE-407B-9F59-AC4098DDA315}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D3B799F1-8B05-4635-B1D8-22E4CC7785DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED7A2F6D-8ADE-4C11-AE42-72211B3CBFD5}" = lport=445 | protocol=6 | dir=in | app=system |
"{EEEB62D9-2945-4E32-B36A-5DD4689FFF62}" = rport=445 | protocol=6 | dir=out | app=system |
"{F8087DC7-07F8-4D21-9BE6-6CFB0F8F16FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E031DF-28F2-4E2E-BC25-76C601760D82}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{08CFB18A-CBDA-47B1-8B56-7C8B748EBDA1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2C657CD5-DF3D-47BE-A2C1-A380C0036823}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{337022F7-8B48-4EA8-A274-30BED0EAA3DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{39F53A45-B94B-4D8B-9DB7-8011A3939085}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4B5CE2EC-BC14-4628-97B2-CABA0D146C73}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5477905E-3DC8-4EE4-B75F-BAC3C5A11936}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{82A3B92C-9D2A-4E3A-B7F1-491F22D19D27}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8AB01621-3CA4-4FC8-A5CE-3E87FF2801EA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8E7CE0E4-5521-494D-A18F-406CAE6EA737}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{94F8F6BC-9408-4598-872B-264AA6A7910C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9F741CC2-4EDB-404E-9394-DA4B10688C83}" = protocol=17 | dir=in | app=d:\flvplayer_setup.exe |
"{A40EF3A4-0164-486C-873B-4F07801BC745}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B2714AE1-89B3-4A63-B9DD-FBD3E6010468}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DBA77274-4E3F-42BE-BBC1-00DEC22B2CE8}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{DF5175D0-C478-4D99-8656-EEDE9A91F7CD}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe |
"{EE51FEBF-21FD-402E-943A-9553137306C9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{EEFC7FDA-E64F-41C4-A0B8-21A7BDD6847B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{EFC2FCEB-F9DC-49A8-89BD-55CCD3096955}" = protocol=6 | dir=in | app=c:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe |
"{F3A49C2B-90F9-4715-8AD3-D54942FFE77B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F6E1F037-B295-4341-898F-B2D051B706A2}" = protocol=6 | dir=in | app=d:\flvplayer_setup.exe |
"{FD6D3DB4-0347-4D22-B2D6-369E2325C9DD}" = protocol=17 | dir=in | app=c:\users\mateusz\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{1AA642DA-A7C5-4B8B-A11D-184F24832071}D:\program files (x86)\secondlifeviewer2\slvoice.exe" = protocol=6 | dir=in | app=d:\program files (x86)\secondlifeviewer2\slvoice.exe |
"TCP Query User{286CD02D-3BBB-4E37-8714-398487D6BB7E}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"TCP Query User{2CF4372D-1CAB-48BC-AC2B-35219ECAE683}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{5C29AED3-84B8-407F-8D6C-23CEFA2EDDE1}D:\program files (x86)\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=d:\program files (x86)\dc++\dcplusplus.exe |
"TCP Query User{7232B55B-1CDE-4F2D-962A-28E9A132A4A3}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{79320526-8F65-41AD-8FDE-6E88A892890B}D:\program files (x86)\bioware\baldur's gate\bgmain2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\bioware\baldur's gate\bgmain2.exe |
"TCP Query User{9DE44D95-FF59-4480-8F4A-64DF09894B9A}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{B6DA35DB-429C-4C8D-B0BF-00986B94BA74}C:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe |
"TCP Query User{F6DC40A4-CD17-47B0-941D-3799FCD0F94C}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{FF7FB389-D228-4D94-9C02-1A9F4E099AF6}D:\mount\mount&blade warband\mb_warband.exe" = protocol=6 | dir=in | app=d:\mount\mount&blade warband\mb_warband.exe |
"UDP Query User{25248286-A740-4C2A-9BC8-E302C57F55D4}C:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\heroes of might and magic v - dzikie hordy\bin\h5_game.exe |
"UDP Query User{2F1603F2-F800-44DE-AFF2-929BA6DF46D4}D:\program files (x86)\secondlifeviewer2\slvoice.exe" = protocol=17 | dir=in | app=d:\program files (x86)\secondlifeviewer2\slvoice.exe |
"UDP Query User{54388535-E204-4368-9F1E-26609827BC89}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{81E2C3D2-B458-4557-9220-AC735A04DEF3}D:\program files (x86)\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=d:\program files (x86)\dc++\dcplusplus.exe |
"UDP Query User{8355224A-7F5C-461F-B3B0-BD11552351F8}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe |
"UDP Query User{A0DAF0A3-76EF-45E8-AB35-8AA505D43D2D}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{ADF4B8D1-603D-49D7-883B-C942F6355166}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{CD54883D-93D7-4167-8D77-9CDEDCA49604}D:\program files (x86)\bioware\baldur's gate\bgmain2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\bioware\baldur's gate\bgmain2.exe |
"UDP Query User{CE61D4B4-4775-4169-95E6-2D555E6D4447}D:\mount\mount&blade warband\mb_warband.exe" = protocol=17 | dir=in | app=d:\mount\mount&blade warband\mb_warband.exe |
"UDP Query User{E011E2E4-6DD0-45D8-B1A4-05703F376EF7}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-0424-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovenian) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95F7B3C3-3D4C-471B-982A-76DB26E0EA2B}" = Bezpieczeństwo rodzinne usługi Windows Live
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Asystent rejestrowania za pomocą identyfikatora Windows Live
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FC6ADB14-A8D9-4F80-9890-2151D92CFF1C}" = PDF-XChange Viewer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Asus WebStorage" = Asus WebStorage
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"EPSON SX130 Series" = EPSON SX130 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinRAR archiver" = Archiwizator WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live
"{40E92280-8694-11D5-B8B0-0050FC1A64AD}" = Gabriel Knight 3 PL
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A17C27D-0325-400C-8AA9-DAA6B16CBD74}" = Epson Event Manager
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AF5EA22-17DC-46E0-ABA3-F30A7D288DD0}" = SETTLERS - Dziedzictwo Królów - Złota edycja
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{97DF4674-AB43-11D5-91C9-005004F84FA1}" = Dialang V1 Beta
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A9109385-09FE-4469-8B6A-E4A09B6B2AD2}" = Max Payne Demo
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.2 - Polish
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live
"{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer
"{DDC5B3E0-C656-4070-9CF0-E592EC60AD42}" = MotoConnect
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E8EA933E-03A2-4E62-9F52-812C72BE2A6B}" = Privatefirewall 7.0
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F85902DB-38E0-4360-A5A2-9CD66EDDECBA}_is1" = WebCopier Pro 5.4
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F92A74E1-D56E-4B83-A8C3-5DB85759A3FA}" = Mp3 My Mp3 3.1
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"ASUS AP Bank_is1" = ASUS AP Bank
"AVI Splitter_is1" = AVI Splitter
"BG1_is1" = Baldur's Gate
"Call of Duty and United Offensive - Respev Edition_is1" = Call of Duty and United Offensive - Respev Edition
"COMODO GeekBuddy" = COMODO GeekBuddy
"DC++" = DC++ 0.799
"DivX Codec" = DivX 5.0.3 Bundle
"Elasto Mania" = Elasto Mania
"Elecard Codec SDK G4 1.2.1.90504 Eval" = Elecard Codec SDK G4 Eval
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON SX130 Series Useg" = Przewodnik użytkownika EPSON SX130 Series
"ESET Online Scanner" = ESET Online Scanner v3
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"Heroes of Might and Magic® III Demo" = Heroes of Might and Magic® III Demo
"IconPackager" = IconPackager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"ISO Workshop_is1" = ISO Workshop 3.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000
"Mount&Blade" = Mount&Blade
"Mozilla Firefox 15.0 (x86 pl)" = Mozilla Firefox 15.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 My Mp3 3.1" = Mp3 My Mp3 3.1
"NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2023)
"PROHYBRIDR" = 2007 Microsoft Office system
"PunkBusterSvc" = PunkBuster Services
"SecondLifeViewer2" = SecondLifeViewer2 (remove only)
"SkanerOnline" = mks_vir - online scanner
"Supertintin Skype Video Call Recorder_is1" = Supertintin 1.2.0.4
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"XviD_is1" = XviD MPEG-4 Video Codec
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-3578728466-2159932351-3549711082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl)
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2012-06-23 07:49:36 | Computer Name = LAPTOP | Source = VSS | ID = 8193
Description =
Error - 2012-06-28 07:59:15 | Computer Name = LAPTOP | Source = VSS | ID = 13
Description =
Error - 2012-06-28 07:59:15 | Computer Name = LAPTOP | Source = VSS | ID = 8193
Description =
Error - 2012-06-28 14:31:00 | Computer Name = LAPTOP | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: AssassinsCreed_Dx10.exe, wersja:
1.0.0.1, sygnatura czasowa: 0x47b40000 Nazwa modułu powodującego błąd: AssassinsCreed_Dx10.exe,
wersja: 1.0.0.1, sygnatura czasowa: 0x47b40000 Kod wyjątku: 0x80000003 Przesunięcie
błędu: 0x000134e0 Identyfikator procesu powodującego błąd: 0x588 Godzina uruchomienia
aplikacji powodującej błąd: 0x01cd5554558732f0 Ścieżka aplikacji powodującej błąd:
D:\Program Files (x86)\Ubisoft\Assassin's creed\AssassinsCreed_Dx10.exe Ścieżka
modułu powodującego błąd: D:\Program Files (x86)\Ubisoft\Assassin's creed\AssassinsCreed_Dx10.exe
Identyfikator
raportu: 689d54c0-c14f-11e1-8981-90e6ba636298
Error - 2012-06-29 09:29:48 | Computer Name = LAPTOP | Source = Application Error | ID = 1000
Error - 2012-06-30 10:44:08 | Computer Name = LAPTOP | Source = Application Hang
| ID = 1002
Description = Program iexplore.exe w wersji 8.0.7600.17006 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji.
Identyfikator procesu: 12ac
Godzina rozpoczęcia: 01cd56bef0ca30d0
Godzina zakończenia: 13
Ścieżka aplikacji: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Identyfikator raportu: 06e76ee1-c2c2-11e1-b755-90e6ba636298
Error - 2012-07-09 14:21:31 | Computer Name = LAPTOP | Source = Application Error
| ID = 1000
Description = Nazwa aplikacji powodującej błąd: CoDSP.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x3f42acf1
Nazwa modułu powodującego błąd: mss32.dll, wersja: 3.0.0.0, sygnatura czasowa: 0x3e767330
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x00015ebc
Identyfikator procesu powodującego błąd: 0x6f8
Godzina uruchomienia aplikacji powodującej błąd: 0x01cd5dff844e6be0
Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\Call of Duty Single Player Demo\CoDSP.exe
Ścieżka modułu powodującego błąd: D:\Program Files (x86)\Call of Duty Single Player Demo\mss32.dll
Identyfikator raportu: e7b401e0-c9f2-11e1-838d-90e6ba636298
Error - 2012-07-16 10:33:49 | Computer Name = LAPTOP | Source = Application Error
| ID = 1000
Description = Nazwa aplikacji powodującej błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Nazwa modułu powodującego błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x001e8693
Identyfikator procesu powodującego błąd: 0x13ac
Godzina uruchomienia aplikacji powodującej błąd: 0x01cd635ffa669c20
Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Ścieżka modułu powodującego błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Identyfikator raportu: 412403a0-cf53-11e1-bb9d-90e6ba636298
Error - 2012-07-16 10:34:12 | Computer Name = LAPTOP | Source = Application Error
| ID = 1000
Description = Nazwa aplikacji powodującej błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Nazwa modułu powodującego błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x001e8693
Identyfikator procesu powodującego błąd: 0x134c
Godzina uruchomienia aplikacji powodującej błąd: 0x01cd6360110d31a0
Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Ścieżka modułu powodującego błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Identyfikator raportu: 4ef07c20-cf53-11e1-bb9d-90e6ba636298
Error - 2012-07-16 11:56:31 | Computer Name = LAPTOP | Source = Application Error
| ID = 1000
Description = Nazwa aplikacji powodującej błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Nazwa modułu powodującego błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x001e8693
Identyfikator procesu powodującego błąd: 0x1124
Godzina uruchomienia aplikacji powodującej błąd: 0x01cd636b90456590
Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Ścieżka modułu powodującego błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Identyfikator raportu: cef56650-cf5e-11e1-bb9d-90e6ba636298
Error - 2012-07-16 12:00:31 | Computer Name = LAPTOP | Source = Application Error
| ID = 1000
Description = Nazwa aplikacji powodującej błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Nazwa modułu powodującego błąd: Doom3.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x414221a3
Kod wyjątku: 0xc0000005
Przesunięcie błędu: 0x001e8693
Identyfikator procesu powodującego błąd: 0xeb8
Godzina uruchomienia aplikacji powodującej błąd: 0x01cd636c1c76a600
Ścieżka aplikacji powodującej błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Ścieżka modułu powodującego błąd: D:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Identyfikator raportu: 5e1477e0-cf5f-11e1-b22b-90e6ba636298
Error encountered while reading event logs.
< End of report >
