Czy pozbyłem się wirusa?

Cytryn · 14 Czerwca 2014

Dziś złapałem omiga plus lecz poradziłem sobie z pomocą spy hunter 4, combofix i ccleaner.

Zrobiłem loga w OTL i chciałbym abyście napisali czy jeszcze coś zostało bo nie zabardzo wychodzi mi interpretacja tych logów ;/

OTL logfile created on: 2014-06-15 00:07:35 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Liukaner\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

11,98 Gb Total Physical Memory | 9,19 Gb Available Physical Memory | 76,65% Memory free
23,97 Gb Paging File | 21,03 Gb Available in Paging File | 87,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 270,35 Gb Total Space | 149,65 Gb Free Space | 55,35% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 108,05 Gb Free Space | 55,32% Space Free | Partition Type: NTFS
Drive F: | 684,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: LIUKANERPC | User Name: Liukaner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014-06-15 00:06:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Liukaner\Downloads\OTL.exe
PRC - [2014-06-14 22:42:00 | 003,021,720 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
PRC - [2014-06-11 15:09:07 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-06-10 19:52:32 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
PRC - [2014-06-06 16:04:37 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014-06-04 03:21:35 | 001,666,896 | ---- | M] (BitTorrent Inc.) -- C:\Users\Liukaner\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2014-05-28 11:29:40 | 005,260,864 | ---- | M] (GG Network S.A.) -- C:\Users\Liukaner\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2014-05-28 11:29:40 | 004,023,360 | ---- | M] (GG Network S.A.) -- C:\Users\Liukaner\AppData\Local\GG\Application\gghub.exe
PRC - [2014-05-28 11:29:38 | 000,132,672 | ---- | M] (GG Network S.A.) -- C:\Users\Liukaner\AppData\Local\GG\Application\ggapp.exe
PRC - [2014-05-28 11:29:38 | 000,076,352 | ---- | M] (GG Network S.A.) -- C:\Users\Liukaner\AppData\Local\GG\Application\xulrunner\gghub.exe
PRC - [2014-05-13 14:29:30 | 003,814,736 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010-10-21 19:44:22 | 001,495,115 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\AutoGreen\AutoGreen.exe
PRC - [2010-10-20 15:26:52 | 001,628,784 | ---- | M] (GIGABYTE) -- C:\Program Files (x86)\gigabyte\smart6\smart6.exe
PRC - [2010-10-05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010-10-05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010-05-18 17:06:42 | 000,327,064 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
PRC - [2010-04-22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
PRC - [2009-10-13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
PRC - [2008-03-25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014-06-11 15:09:07 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014-06-10 19:52:32 | 017,024,688 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
MOD - [2014-05-28 11:29:40 | 016,361,120 | ---- | M] () -- C:\Users\Liukaner\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2014-05-28 11:29:40 | 000,122,432 | ---- | M] () -- C:\Users\Liukaner\AppData\Local\GG\Application\ggdrive\ZLIB1.dll
MOD - [2014-05-28 11:29:38 | 003,205,184 | ---- | M] () -- C:\Users\Liukaner\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2014-05-27 11:35:32 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2014-05-27 11:35:21 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2014-05-27 11:35:08 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2014-05-27 11:35:04 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2010-12-21 10:12:36 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\gigabyte\smart6\SmartFun.dll
MOD - [2010-12-16 18:14:14 | 002,601,031 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
MOD - [2010-12-15 14:51:38 | 000,413,763 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\work.dll
MOD - [2010-12-08 16:25:40 | 000,299,008 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
MOD - [2010-12-02 16:01:10 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
MOD - [2010-12-02 15:59:48 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
MOD - [2010-12-01 18:15:26 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
MOD - [2010-10-21 20:50:40 | 000,200,704 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
MOD - [2010-10-21 19:44:22 | 001,495,115 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\AutoGreen\AutoGreen.exe
MOD - [2010-10-19 10:59:46 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
MOD - [2010-09-30 08:45:46 | 000,126,976 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
MOD - [2010-06-24 15:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
MOD - [2010-06-10 15:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
MOD - [2010-05-18 16:54:44 | 000,395,776 | ---- | M] () -- C:\Program Files (x86)\Enigma Software Group\SpyHunter\ExecutionGuard.dll
MOD - [2010-05-17 19:22:48 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\AutoGreen\BT_Socket.DLL
MOD - [2010-03-12 05:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
MOD - [2010-03-12 05:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
MOD - [2009-12-22 16:52:04 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
MOD - [2009-12-21 14:04:56 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\AutoGreen\ycc.dll
MOD - [2009-10-12 22:35:46 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\AutoGreen\AthBtWakeup.dll
MOD - [2009-07-17 15:12:10 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\AutoGreen\HK.dll
MOD - [2009-05-05 11:05:02 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\gigabyte\smart6\CheckFK.dll
MOD - [2009-03-20 11:04:58 | 000,109,096 | ---- | M] () -- C:\Program Files (x86)\gigabyte\smart6\YCC.DLL
MOD - [2008-05-07 15:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
MOD - [2008-03-25 17:21:56 | 000,219,656 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
MOD - [2003-02-14 14:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014-04-18 03:29:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014-06-11 15:09:07 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-06-10 19:52:32 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-06-06 16:04:37 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014-05-13 14:29:26 | 002,228,048 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014-04-15 16:07:54 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-10-05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010-10-05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010-05-18 17:06:42 | 000,327,064 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE -- (SpyHunter 4 Service)
SRV - [2009-10-13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:[b]64bit:[/b] - [2014-04-25 17:45:06 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:[b]64bit:[/b] - [2014-04-25 10:44:14 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2014-04-18 04:36:46 | 015,376,384 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014-04-18 03:07:06 | 000,638,976 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2013-12-19 18:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2012-03-01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-01-10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:[b]64bit:[/b] - [2010-12-24 09:32:54 | 000,412,264 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-10-19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2008-11-04 13:12:08 | 000,023,096 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2014-06-14 23:41:55 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2014-06-14 23:41:39 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://isearch.omiga-plus.com/web/?type=ds&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://google.pl/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0


FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.0.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.0.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014-04-25 11:17:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Liukaner\AppData\Roaming\mozilla\Extensions
[2014-06-14 22:00:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Liukaner\AppData\Roaming\mozilla\Firefox\Profiles\17wkqm6k.default\extensions
[2014-06-14 21:37:51 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Liukaner\AppData\Roaming\mozilla\firefox\profiles\17wkqm6k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014-06-11 15:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-06-11 15:09:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: omiga-plus (Enabled)
CHR - default_search_provider: search_url = http://isearch.omiga-plus.com/web/?type=ds&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://isearch.omiga-plus.com/?type=hp&ts=1402774674&from=ild&uid=ST500DM002-1BD142_Z2AQGSDJXXXXZ2AQGSDJ
CHR - Extension: Dokumenty Google = C:\Users\Liukaner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Dysk Google = C:\Users\Liukaner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Liukaner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Liukaner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Liukaner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Liukaner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014-06-14 22:42:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000..\Run: [GG] C:\Users\Liukaner\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000..\Run: [uTorrent] C:\Users\Liukaner\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4:[b]64bit:[/b] - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1347464404-4033422319-3270200158-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68933AE7-8F0C-45C9-8FD8-6FEAFA59FC9E}: DhcpNameServer = 192.168.1.1
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SupTab\SearchProtect64.dll) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014-06-14 22:10:46 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2014-06-07 10:07:09 | 000,000,065 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014-06-14 22:39:41 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2014-06-14 22:39:40 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014-06-14 22:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2014-06-14 22:38:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014-06-14 22:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014-06-14 22:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014-06-14 21:51:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-06-14 21:49:22 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014-06-14 21:42:03 | 000,000,000 | ---D | C] -- C:\ComboFix
[2014-06-14 21:09:07 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\SKIDROW
[2014-06-14 21:03:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KISS ltd
[2014-06-14 19:02:28 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\TeamViewer
[2014-06-14 18:57:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014-06-14 12:50:56 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\Skype
[2014-06-14 12:50:52 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\Skype
[2014-06-14 12:50:48 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014-06-14 12:50:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014-06-14 12:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014-06-14 12:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014-06-11 15:09:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014-06-09 11:20:27 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\LogMeIn Hamachi
[2014-06-09 11:20:27 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\LogMeIn
[2014-06-09 11:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2014-06-09 11:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2014-06-09 11:19:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2014-06-08 23:22:00 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LauncherTekkity by luki!(x64)
[2014-06-08 23:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LauncherTekkity by luki!(x64)
[2014-06-08 23:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LauncherTekkityv1.0.0
[2014-06-06 01:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014-06-06 01:54:26 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\Google
[2014-06-06 01:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014-06-05 11:04:56 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\Documents\My Games
[2014-06-05 11:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Orbit
[2014-06-05 11:00:09 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014-06-05 11:00:08 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\Ubisoft Game Launcher
[2014-06-05 11:00:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2014-06-05 10:59:36 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2014-06-05 10:59:36 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2014-06-05 10:59:35 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2014-06-05 10:59:35 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2014-06-05 10:59:35 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2014-06-05 10:59:35 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2014-06-05 10:59:35 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2014-06-05 10:59:34 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2014-06-05 10:59:34 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2014-06-05 10:59:34 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2014-06-05 10:59:34 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2014-06-05 10:59:34 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2014-06-05 10:59:34 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2014-06-05 10:59:34 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2014-06-05 10:59:34 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2014-06-05 10:59:34 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2014-06-05 10:59:34 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2014-06-05 10:59:34 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2014-06-05 10:59:33 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2014-06-05 10:59:33 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2014-06-05 10:59:33 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2014-06-05 10:59:33 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2014-06-05 10:59:33 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2014-06-05 10:59:33 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2014-06-05 10:59:33 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2014-06-05 10:59:33 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2014-06-05 10:59:33 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2014-06-05 10:59:33 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2014-06-05 10:59:33 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2014-06-05 10:59:32 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2014-06-05 10:59:32 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2014-06-05 10:59:32 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2014-06-05 10:59:32 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2014-06-05 10:59:32 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2014-06-05 10:59:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2014-06-05 10:59:32 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2014-06-05 10:59:32 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2014-06-05 10:59:32 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2014-06-05 10:59:31 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2014-06-05 10:59:31 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2014-06-05 10:59:31 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2014-06-05 10:59:31 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2014-06-05 10:59:31 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2014-06-05 10:59:31 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2014-06-05 10:59:31 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2014-06-05 10:59:31 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2014-06-05 10:59:31 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2014-06-05 10:59:31 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2014-06-05 10:59:31 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2014-06-05 10:59:30 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014-06-05 10:59:30 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014-06-05 10:59:30 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014-06-05 10:59:30 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014-06-05 10:59:30 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014-06-05 10:59:30 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014-06-05 10:59:30 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014-06-05 10:59:30 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014-06-05 10:59:30 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014-06-05 10:59:30 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014-06-05 10:59:30 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014-06-05 10:59:30 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014-06-05 10:59:29 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014-06-05 10:59:29 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014-06-05 10:59:29 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014-06-05 10:59:29 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014-06-05 10:59:29 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014-06-05 10:59:29 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014-06-05 10:59:29 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014-06-05 10:59:27 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014-06-05 10:59:27 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014-06-05 10:59:27 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014-06-05 10:59:27 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014-06-05 10:59:27 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014-06-05 10:59:27 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014-06-05 10:59:27 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014-06-05 10:59:27 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014-06-05 10:59:27 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014-06-05 10:59:26 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014-06-05 10:59:26 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014-06-05 10:59:26 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014-06-05 10:59:26 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014-06-05 10:59:26 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014-06-05 10:59:26 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014-06-05 10:59:25 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014-06-05 10:59:25 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014-06-05 10:59:25 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014-06-05 10:59:25 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014-06-05 10:59:25 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014-06-05 10:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2014-06-04 03:21:02 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\uTorrent
[2014-06-03 22:34:17 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\PixelServ_Launcher
[2014-06-03 22:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PixelServ
[2014-06-03 22:23:49 | 000,000,000 | ---D | C] -- C:\PixelServ
[2014-06-03 22:23:38 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\Downloaded Installations
[2014-06-03 22:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014-06-03 22:21:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014-06-03 22:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014-06-03 22:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014-06-03 22:16:18 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\.dragoncraft.pl
[2014-06-03 22:14:12 | 000,000,000 | ---D | C] -- C:\AMD
[2014-06-03 20:33:24 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\library_dir
[2014-06-03 20:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr
[2014-06-03 20:28:29 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\FTB Pack Install
[2014-06-03 19:37:20 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\.cmflauncher
[2014-06-03 18:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\LumaEmu_SteamCloud
[2014-06-03 18:44:46 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\Desktop\Rust 14.03
[2014-06-03 18:30:04 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\IObit
[2014-06-03 18:30:00 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\Programs
[2014-06-03 18:19:03 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\TS3Client
[2014-06-03 18:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014-06-03 18:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2014-06-03 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\.minecraft
[2014-06-03 18:05:33 | 000,000,000 | --SD | C] -- C:\Users\Liukaner\GG dysk
[2014-06-03 18:02:40 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\GG
[2014-06-03 18:02:39 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\GG
[2014-06-03 18:02:38 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\OpenFM
[2014-06-03 17:51:42 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Roaming\ATI
[2014-06-03 17:51:42 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\ATI
[2014-06-03 17:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2014-06-03 17:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014-06-03 17:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014-06-03 17:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2014-06-03 17:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014-06-03 17:46:30 | 010,335,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2014-06-03 17:46:30 | 008,866,928 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2014-06-03 17:46:30 | 008,010,968 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2014-06-03 17:46:30 | 007,520,200 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2014-06-03 17:46:30 | 006,799,688 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2014-06-03 17:46:30 | 006,796,592 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2014-06-03 17:46:30 | 001,343,272 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2014-06-03 17:46:30 | 001,117,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2014-06-03 17:46:30 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2014-06-03 17:46:30 | 000,143,304 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2014-06-03 17:46:30 | 000,126,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2014-06-03 17:46:30 | 000,117,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2014-06-03 17:46:30 | 000,099,520 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2014-06-03 17:46:30 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2014-06-03 17:46:30 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2014-06-03 17:46:29 | 001,177,600 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2014-06-03 17:46:29 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe
[2014-06-03 17:46:29 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2014-06-03 17:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2014-06-03 17:46:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014-06-03 17:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014-06-03 17:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014-05-27 11:49:50 | 000,000,000 | ---D | C] -- C:\Users\Liukaner\AppData\Local\Microsoft Games
[2014-05-23 19:10:35 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014-05-23 19:10:35 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014-05-23 19:10:35 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014-05-23 19:10:35 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014-05-23 19:10:35 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014-05-23 19:10:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014-05-23 19:10:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014-05-23 19:10:24 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014-05-23 19:10:24 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014-06-14 23:59:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-14 23:53:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-06-14 23:41:55 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2014-06-14 23:41:39 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2014-06-14 23:41:39 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2014-06-14 23:28:44 | 000,001,637 | ---- | M] () -- C:\Users\Liukaner\Desktop\GG dysk.lnk
[2014-06-14 23:28:43 | 000,001,152 | ---- | M] () -- C:\Users\Liukaner\Desktop\GG.lnk
[2014-06-14 22:44:02 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-06-14 22:44:02 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-06-14 22:42:31 | 001,334,880 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-06-14 22:42:31 | 000,885,540 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-06-14 22:42:31 | 000,362,888 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-06-14 22:42:31 | 000,316,138 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-06-14 22:42:31 | 000,006,208 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-06-14 22:42:27 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014-06-14 22:39:41 | 000,002,294 | ---- | M] () -- C:\Users\Liukaner\Desktop\SpyHunter.lnk
[2014-06-14 22:36:44 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-06-14 22:36:39 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014-06-14 22:36:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-06-14 22:36:15 | 670,998,746 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014-06-14 22:36:13 | 1060,708,350 | -HS- | M] () -- C:\hiberfil.sys
[2014-06-14 22:10:46 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014-06-14 21:50:27 | 000,276,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-06-14 21:38:03 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014-06-14 21:37:55 | 000,002,399 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-06-14 18:57:47 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-06-14 17:52:49 | 001,709,713 | ---- | M] () -- C:\Users\Liukaner\Desktop\201406141_eeshxaa.jpg
[2014-06-14 17:35:23 | 001,489,314 | ---- | M] () -- C:\Users\Liukaner\Desktop\201406141_eeshxne.jpg
[2014-06-14 12:54:17 | 000,040,947 | ---- | M] () -- C:\Users\Liukaner\Desktop\376391_177008489097841_1687984928_n.jpg
[2014-06-14 12:50:48 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014-06-10 19:52:32 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-06-10 19:52:32 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-06-09 13:04:39 | 001,355,753 | ---- | M] () -- C:\Users\Liukaner\Desktop\201406091_eeennwh.jpg
[2014-06-08 23:22:00 | 000,001,179 | ---- | M] () -- C:\Users\Liukaner\Desktop\LauncherTekkity by luki!(x64).lnk
[2014-06-05 16:16:22 | 000,001,580 | ---- | M] () -- C:\Users\Liukaner\Desktop\Watch_Dogs — skrót.lnk
[2014-06-05 11:00:09 | 000,001,205 | ---- | M] () -- C:\Users\Liukaner\Desktop\Uplay.lnk
[2014-06-04 21:02:26 | 000,043,800 | ---- | M] () -- C:\Users\Liukaner\Desktop\154361249_3_644x461_toyota-corolla-18d-e8-toyota.jpg
[2014-06-04 21:02:24 | 000,045,816 | ---- | M] () -- C:\Users\Liukaner\Desktop\154361249_2_644x461_toyota-corolla-18d-e8-dodaj-zdjecia.jpg
[2014-06-04 21:02:20 | 000,045,826 | ---- | M] () -- C:\Users\Liukaner\Desktop\154361249_1_644x461_toyota-corolla-18d-e8-lodz.jpg
[2014-06-04 21:00:30 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014-06-04 21:00:30 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-06-04 20:59:01 | 000,048,015 | ---- | M] () -- C:\Users\Liukaner\Desktop\154379707_3_644x461_toyota-corolla-e10-1993r-toyota.jpg
[2014-06-04 20:58:58 | 000,053,001 | ---- | M] () -- C:\Users\Liukaner\Desktop\154379707_2_644x461_toyota-corolla-e10-1993r-dodaj-zdjecia.jpg
[2014-06-04 20:58:54 | 000,051,295 | ---- | M] () -- C:\Users\Liukaner\Desktop\154379707_1_644x461_toyota-corolla-e10-1993r-bialystok.jpg
[2014-06-04 13:22:54 | 000,002,703 | ---- | M] () -- C:\Users\Public\Desktop\Pixelserv.exe.lnk
[2014-06-04 03:21:35 | 000,000,856 | ---- | M] () -- C:\Users\Liukaner\Desktop\µTorrent.lnk
[2014-06-03 18:59:49 | 000,000,000 | -HS- | M] () -- C:\Users\Liukaner\AppData\Local\LumaEmu
[2014-06-03 18:02:39 | 000,001,191 | ---- | M] () -- C:\Users\Liukaner\Desktop\OpenFM.lnk
[2014-06-03 17:51:09 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014-06-14 22:39:41 | 000,002,294 | ---- | C] () -- C:\Users\Liukaner\Desktop\SpyHunter.lnk
[2014-06-14 22:36:15 | 670,998,746 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014-06-14 22:10:46 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014-06-14 21:33:30 | 000,000,950 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014-06-14 21:33:30 | 000,000,946 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
[2014-06-14 18:57:47 | 000,001,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014-06-14 18:57:47 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-06-14 17:49:27 | 001,709,713 | ---- | C] () -- C:\Users\Liukaner\Desktop\201406141_eeshxaa.jpg
[2014-06-14 17:30:53 | 001,489,314 | ---- | C] () -- C:\Users\Liukaner\Desktop\201406141_eeshxne.jpg
[2014-06-14 12:54:16 | 000,040,947 | ---- | C] () -- C:\Users\Liukaner\Desktop\376391_177008489097841_1687984928_n.jpg
[2014-06-14 12:50:48 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014-06-09 13:04:38 | 001,355,753 | ---- | C] () -- C:\Users\Liukaner\Desktop\201406091_eeennwh.jpg
[2014-06-08 23:22:00 | 000,001,179 | ---- | C] () -- C:\Users\Liukaner\Desktop\LauncherTekkity by luki!(x64).lnk
[2014-06-06 01:55:34 | 000,002,399 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-06-06 01:54:27 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-06-06 01:54:27 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-06-05 16:16:22 | 000,001,580 | ---- | C] () -- C:\Users\Liukaner\Desktop\Watch_Dogs — skrót.lnk
[2014-06-05 11:00:09 | 000,001,205 | ---- | C] () -- C:\Users\Liukaner\Desktop\Uplay.lnk
[2014-06-04 21:02:26 | 000,043,800 | ---- | C] () -- C:\Users\Liukaner\Desktop\154361249_3_644x461_toyota-corolla-18d-e8-toyota.jpg
[2014-06-04 21:02:23 | 000,045,816 | ---- | C] () -- C:\Users\Liukaner\Desktop\154361249_2_644x461_toyota-corolla-18d-e8-dodaj-zdjecia.jpg
[2014-06-04 21:02:20 | 000,045,826 | ---- | C] () -- C:\Users\Liukaner\Desktop\154361249_1_644x461_toyota-corolla-18d-e8-lodz.jpg
[2014-06-04 20:59:01 | 000,048,015 | ---- | C] () -- C:\Users\Liukaner\Desktop\154379707_3_644x461_toyota-corolla-e10-1993r-toyota.jpg
[2014-06-04 20:58:58 | 000,053,001 | ---- | C] () -- C:\Users\Liukaner\Desktop\154379707_2_644x461_toyota-corolla-e10-1993r-dodaj-zdjecia.jpg
[2014-06-04 20:58:54 | 000,051,295 | ---- | C] () -- C:\Users\Liukaner\Desktop\154379707_1_644x461_toyota-corolla-e10-1993r-bialystok.jpg
[2014-06-04 03:21:35 | 000,000,856 | ---- | C] () -- C:\Users\Liukaner\Desktop\µTorrent.lnk
[2014-06-03 22:23:49 | 000,002,703 | ---- | C] () -- C:\Users\Public\Desktop\Pixelserv.exe.lnk
[2014-06-03 18:59:49 | 000,000,000 | -HS- | C] () -- C:\Users\Liukaner\AppData\Local\LumaEmu
[2014-06-03 18:19:01 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2014-06-03 18:07:49 | 001,167,284 | ---- | C] () -- C:\Users\Liukaner\Desktop\KN Launcher.exe
[2014-06-03 18:05:33 | 000,001,637 | ---- | C] () -- C:\Users\Liukaner\Desktop\GG dysk.lnk
[2014-06-03 18:02:41 | 000,001,152 | ---- | C] () -- C:\Users\Liukaner\Desktop\GG.lnk
[2014-06-03 18:02:39 | 000,001,199 | ---- | C] () -- C:\Users\Liukaner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenFM.lnk
[2014-06-03 18:02:39 | 000,001,191 | ---- | C] () -- C:\Users\Liukaner\Desktop\OpenFM.lnk
[2014-06-03 18:02:39 | 000,001,160 | ---- | C] () -- C:\Users\Liukaner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2014-06-03 17:51:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014-06-03 17:46:30 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014-06-03 17:46:30 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2014-06-03 17:46:30 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014-06-03 17:46:30 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2014-06-03 17:46:30 | 000,046,705 | ---- | C] () -- C:\Windows\atiogl.xml
[2014-06-03 17:46:30 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014-06-03 17:46:30 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2014-06-03 17:46:29 | 001,187,342 | ---- | C] () -- C:\Windows\SysNative\amdocl_as64.exe
[2014-06-03 17:46:29 | 001,061,902 | ---- | C] () -- C:\Windows\SysNative\amdocl_ld64.exe
[2014-06-03 17:46:29 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014-06-03 17:46:29 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014-06-03 17:40:56 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-04-26 19:29:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014-04-26 19:29:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014-04-26 19:29:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014-04-26 19:29:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014-04-26 19:29:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014-04-25 16:49:16 | 000,006,186 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-04-25 10:59:36 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2014-04-25 10:53:48 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2014-04-25 10:51:34 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2014-04-17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2014-06-03 22:22:40 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\.dragoncraft.pl
[2014-06-09 11:08:01 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\.minecraft
[2014-06-14 21:35:15 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\DAEMON Tools Lite
[2014-06-14 11:13:50 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\GG
[2014-06-03 18:30:04 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\IObit
[2014-06-03 20:33:24 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\library_dir
[2014-06-14 19:02:28 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\TeamViewer
[2014-06-14 21:49:38 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\TS3Client
[2014-06-15 00:08:54 | 000,000,000 | ---D | M] -- C:\Users\Liukaner\AppData\Roaming\uTorrent

[color=#E56717]========== Purity Check ==========[/color]
 
< End of report >

OTL Extras logfile created on: 2014-06-15 00:07:35 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Liukaner\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

11,98 Gb Total Physical Memory | 9,19 Gb Available Physical Memory | 76,65% Memory free
23,97 Gb Paging File | 21,03 Gb Available in Paging File | 87,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 270,35 Gb Total Space | 149,65 Gb Free Space | 55,35% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 108,05 Gb Free Space | 55,32% Space Free | Partition Type: NTFS
Drive F: | 684,53 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: LIUKANERPC | User Name: Liukaner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1347464404-4033422319-3270200158-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05AD1927-CBA1-45BA-AF5F-9B49558D446E}" = rport=139 | protocol=6 | dir=out | app=system |
"{08DF5A5D-079E-402B-A687-4B1CC48AD3A6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{17E37043-5397-4E27-B2E5-BD58BD99CB5A}" = rport=138 | protocol=17 | dir=out | app=system |
"{2F191A91-4E1B-4E54-8622-0D8123D300FE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4302FA7D-1F83-4A28-9FAB-D634F7739BE0}" = lport=137 | protocol=17 | dir=in | app=system |
"{55D61528-D50D-42F3-8E5E-2F73ACAD8DA4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5B7B13D6-8F44-4028-881D-E61AA9C42A4C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{68FF3F87-4DEF-4D2F-BB75-4E2004DE8695}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79CBB187-B1AA-4EDE-B289-10A1F0B17995}" = rport=445 | protocol=6 | dir=out | app=system |
"{7DC99485-2936-4054-BC3C-A802D36DFED8}" = rport=137 | protocol=17 | dir=out | app=system |
"{96078D21-D40C-420A-9455-27F126BAD425}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFBD5417-0F54-4183-A4A9-8FB91152132B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AFEDCCFA-E9B6-4FDF-A623-A2890F2198B2}" = lport=445 | protocol=6 | dir=in | app=system |
"{B46B2CA1-5FAD-49F4-BCA0-2ACB0A53B6F3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA00E71C-4510-4E42-AFC1-CA54289DBE2C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C448EAE4-D2E9-45CB-ACC3-BB76070E7A22}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C51C9E88-23F0-4F88-AD84-665344DF18BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C912CB5F-FD2A-4A3F-8CC5-C37AFE54CF88}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D1034BEC-CD38-4137-988E-81701CF39167}" = lport=139 | protocol=6 | dir=in | app=system |
"{D84E884D-E0E6-4F67-9AE0-3498DCB01ADE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E7254716-A783-4C36-9B02-D81495C7696E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF254E2B-A09D-445E-85DF-D8CDAD9C1C23}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F8F16D4F-25AB-4A78-8EFD-A722F1F8FBFF}" = lport=138 | protocol=17 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09499CA2-104D-4B60-B046-76201BE160CE}" = protocol=58 | dir=in | app=system |
"{0CAF3386-F7B4-4E5B-9E84-F13F49CBBC01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1086723A-8F0C-4903-9713-C22BF7D320CE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1336F2BA-5A55-42CC-9308-2DB0509EC46C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1619463E-F2DB-4E9D-8048-26A438728F0E}" = protocol=58 | dir=in | [email protected],-28545 |
"{1EE64E9C-08D0-40F6-BA27-3F9ABA09940A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2898B962-7822-4C85-9F7F-7966F170D46A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{314E10FD-DB16-4FD9-B078-2DFC2A86F925}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{33FC3058-B3D4-47E6-9D51-910F39F1478D}" = protocol=58 | dir=out | [email protected],-503 |
"{523E52BF-C80A-42D3-8862-B31BC6E014EF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{53329C5F-5161-4EDA-8E73-520441F81153}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A90B776-3720-4E5C-8054-1B23C73613A6}" = protocol=6 | dir=in | app=c:\users\liukaner\downloads\utorrent.exe |
"{6BAA6625-CE0E-421D-A0F6-77C6895BA125}" = protocol=6 | dir=in | app=c:\program files\ubisoft\watch_dogs\bin\watch_dogs.exe |
"{78BEDB82-315F-4104-A381-FE3CF97A3333}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7DABC859-BF53-4A18-BFDA-7795B812D3FC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{82BFACA0-7F64-485C-BB53-1F86FAF6723A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{83B57729-EA6B-44F5-8935-75D9718F5EF2}" = protocol=1 | dir=in | [email protected],-28543 |
"{83FB387F-3EC0-4196-B85E-1C5864041D73}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{89D02126-489F-489E-A5F3-0B933E846262}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8EF59D2D-82F5-4923-BD31-072C14A19E21}" = protocol=17 | dir=in | app=c:\users\liukaner\appdata\roaming\utorrent\utorrent.exe |
"{990ED664-D7F7-469B-B687-8984F46892B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9D7BF13D-AABF-456E-B5EB-2761F0935287}" = protocol=1 | dir=out | [email protected],-28544 |
"{9DB2FAE8-E99C-4489-A805-98760AA19473}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A35D39F7-6689-4643-9207-250D16F105D5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{A92703D3-620A-4EC6-95CA-B9FFEA9D650B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\watch_dogs\bin\watch_dogs.exe |
"{B53A6053-C85A-4E0B-91D6-B8B5C7C956D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CCA605A0-42D5-49B2-B473-C98CE847A35D}" = protocol=6 | dir=out | app=system |
"{D857301E-39E4-41FD-82AA-7E8C5C143424}" = protocol=58 | dir=out | [email protected],-28546 |
"{DAFDAD48-73AE-43F8-895B-FA02BE747C93}" = protocol=6 | dir=in | app=c:\users\liukaner\appdata\roaming\utorrent\utorrent.exe |
"{DC79057E-2A65-4319-B0E8-6CBEE426A36F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDEA9F04-CD4B-4CBE-AF9B-54DA1BFAA3FF}" = protocol=17 | dir=in | app=c:\users\liukaner\downloads\utorrent.exe |
"{E4862B30-0B6B-4890-A8B4-0FA18558C4D7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{488C45FA-71C6-4B9D-9FB6-70800C3151A5}C:\program files\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"TCP Query User{4A820108-6BC1-4807-BDCE-6F6F52C5F353}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{54720157-6247-475D-8612-06FAA59F8778}C:\program files\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"TCP Query User{8346B615-1176-4E3D-84C3-50F7C4B9A6C8}C:\program files\java\jre8\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\java.exe |
"TCP Query User{AE3FA7BF-4378-4A5F-BEBF-1AD7DE9FE699}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{21D08B71-50A5-4882-87A1-1EA4FC7BB66F}C:\program files\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe |
"UDP Query User{677E47DD-BC59-4A23-87E7-6132CF17245D}C:\program files\java\jre8\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\java.exe |
"UDP Query User{BCAF44C4-EA6D-4118-95D3-C5F2D15E8D4C}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{EEB06DB0-6A5A-45FE-ABF4-4BCCE4A63543}C:\program files\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"UDP Query User{F4A08A99-B64D-48C4-8ECF-59A110E917F1}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00653D04-04AF-3606-DADE-002DC26C0732}" = AMD Media Foundation Decoders
"{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}" = AMD Wireless Display v3.0
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{26A24AE4-039D-4CA4-87B4-2F86418000FF}" = Java 8 (64-bit)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4E7F7C0A-4DE9-791C-61D4-9A5952DF5801}" = AMD Drag and Drop Transcoding
"{6119B3A6-3603-9695-0398-CDF2AF0A13F8}" = AMD Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{A6A04D70-ADF1-3FE6-3A79-577C284AC9D4}" = AMD Wireless Display v3.0
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ABD878B8-E7E3-2BC4-5A95-478133DCFFC3}" = AMD Accelerated Video Transcoding
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{D3485211-6ACA-8BC3-1AAB-29FC5552C454}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031F80EB-1FE5-45EF-9DE2-E2F5AF01259F}" = CCC Help Spanish
"{0B15A8C3-3B8A-F229-A880-82EA62908425}" = CCC Help Dutch
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1A6752E1-966B-9D1F-F6B7-DDBCA6FC87ED}" = CCC Help Russian
"{2058DA53-D5F2-D8D9-7325-39B0E367D1E1}" = CCC Help Swedish
"{2090B6D0-E025-5A67-9838-8F1D5768E643}" = CCC Help Chinese Standard
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{2AD4FF67-43E9-77AD-D90C-584F950E2D12}" = CCC Help French
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3A577334-7C90-55BC-1878-F5862FA268B2}" = CCC Help Korean
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1
"{3BF289E3-933B-F421-3B59-F6BB0D285B09}" = CCC Help Hungarian
"{3CB6BA0C-6BC5-E543-221A-AA4DEBB6F4B5}" = CCC Help Polish
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{430E2D32-6EA9-E6E4-80A1-84047694A45B}" = CCC Help Czech
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.1216.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6A8D33-09CD-FD44-4BF0-999E8A6E93C8}" = CCC Help Italian
"{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}" = SpyHunter
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6EBDE2A2-0CFB-9134-A859-68A0002B3FA6}" = CCC Help Thai
"{769E98DC-2BB0-83A7-51C9-306F30232345}" = Catalyst Control Center Graphics Previews Common
"{79E9C7C5-4FCC-4DFF-B79E-17319E9522F3}" = MagicTunePremium
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{8181B50E-0E33-DE07-AAB2-E71BBBDBF288}" = CCC Help Portuguese
"{83FB054C-7DA5-1C76-BFB2-423426DC35BB}" = AMD Catalyst Control Center
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A640069-9784-701E-AC8E-84F62C42D1A3}" = CCC Help English
"{93098E43-2743-1551-447F-2699E9591E9C}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A17833D9-3FCD-4E83-BEDE-9996D5F077E7}" = PixelServ
"{A3703A3B-FDCF-4349-4B2E-A189A2B90B51}" = CCC Help Chinese Traditional
"{A619A488-A4BA-F2A0-72FA-4C484B93DC0F}" = CCC Help Greek
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @
"{C22378E6-9A65-438E-964C-7DB8FBB568DE}" = LogMeIn Hamachi
"{C4799AAA-CE52-D2F1-63C8-E6D5106C78E0}" = CCC Help Norwegian
"{C6182116-5F2D-9949-B42B-06073E86A98A}" = CCC Help German
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{CC6C7F05-AF23-65BD-702D-705EAB723578}" = CCC Help Japanese
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D5B7F1A3-2CA6-4C5C-EFB6-4AA5772F5310}" = CCC Help Turkish
"{DBA6B3EF-A8C0-4EB2-9554-3A7879838580}" = Catalyst Control Center Localization All
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4A6308C-55E6-57DF-95BB-AEEF374B469A}" = CCC Help Finnish
"{F543B0F9-D1F9-25D1-993C-8430BEC9D889}" = Catalyst Control Center InstallProxy
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.1216.1
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 30.0 (x86 pl)" = Mozilla Firefox 30.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 9" = TeamViewer 9
"Uplay" = Uplay
"Uplay Install 274" = WATCH_DOGS

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1347464404-4033422319-3270200158-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"LauncherTekkity by luki!(x64)" = LauncherTekkity by luki!(x64)
"OpenFM" = OpenFM
"uTorrent" = µTorrent

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2014-06-14 15:51:42 | Computer Name = LiukanerPC | Source = Windows Search Service | ID = 3028
Description =

Error - 2014-06-14 15:51:42 | Computer Name = LiukanerPC | Source = Windows Search Service | ID = 3058
Description =

Error - 2014-06-14 15:51:42 | Computer Name = LiukanerPC | Source = Windows Search Service | ID = 7010
Description =

Error - 2014-06-14 15:56:51 | Computer Name = LiukanerPC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy
proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.
Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych
Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis
DWORD w sekcji Data.

Error - 2014-06-14 15:56:51 | Computer Name = LiukanerPC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy
proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.
Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych
Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis
DWORD w sekcji Data.

Error - 2014-06-14 15:56:51 | Computer Name = LiukanerPC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl
(WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

Error - 2014-06-14 15:56:55 | Computer Name = LiukanerPC | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 30.0.0.5269,
sygnatura czasowa: 0x53914233  Nazwa modułu powodującego błąd: mozalloc.dll, wersja:
30.0.0.5269, sygnatura czasowa: 0x53911393  Kod wyjątku: 0x80000003  Przesunięcie błędu:
0x0000141b  Identyfikator procesu powodującego błąd: 0xa78  Godzina uruchomienia aplikacji
powodującej błąd: 0x01cf880a7a357ff6  Ścieżka aplikacji powodującej błąd: C:\Program
Files (x86)\Mozilla Firefox\plugin-container.exe  Ścieżka modułu powodującego błąd:
C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll  Identyfikator raportu: 08dcc595-f3fe-11e3-8b8c-50e54924ae35

Error - 2014-06-14 16:42:28 | Computer Name = LiukanerPC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy
proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.
Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych
Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis
DWORD w sekcji Data.

Error - 2014-06-14 16:42:28 | Computer Name = LiukanerPC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy
proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.
Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych
Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis
DWORD w sekcji Data.

Error - 2014-06-14 16:42:28 | Computer Name = LiukanerPC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl
(WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

[ System Events ]
Error - 2014-06-14 15:45:42 | Computer Name = LiukanerPC | Source = Service Control Manager | ID = 7030
Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System
jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego
ta usługa może nie działać właściwie.

Error - 2014-06-14 15:49:08 | Computer Name = LiukanerPC | Source = Application Popup | ID = 1060
Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane
z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania
w celu uzyskania zgodnej wersji sterownika.

Error - 2014-06-14 15:49:08 | Computer Name = LiukanerPC | Source = Application Popup | ID = 1060
Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane
z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania
w celu uzyskania zgodnej wersji sterownika.

Error - 2014-06-14 15:49:25 | Computer Name = LiukanerPC | Source = Service Control Manager | ID = 7030
Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System
jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego
ta usługa może nie działać właściwie.

Error - 2014-06-14 15:49:31 | Computer Name = LiukanerPC | Source = Service Control Manager | ID = 7030
Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System
jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego
ta usługa może nie działać właściwie.

Error - 2014-06-14 15:51:42 | Computer Name = LiukanerPC | Source = Service Control Manager | ID = 7024
Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla
niej błąd %%-1073473535.

Error - 2014-06-14 15:51:42 | Computer Name = LiukanerPC | Source = Service Control Manager | ID = 7031
Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2014-06-14 15:57:40 | Computer Name = LiukanerPC | Source = Service Control Manager | ID = 7031
Description = Usługa Update WebSpades niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2014-06-14 16:36:19 | Computer Name = LiukanerPC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 22:35:14 na ?2014-?06-?14 było
nieoczekiwane.

Error - 2014-06-14 16:36:26 | Computer Name = LiukanerPC | Source = BugCheck | ID = 1001
Description =


< End of report >

Rocki star12 · 14 Czerwca 2014

Wstaw ten log z combofixa zaraz zajrzę w OTL.

@Edit Tak na prawde log jest czysty a ty jedynie musisz ustawić przeglądarki do ustawień standardowych :

Google Chrome

Ustawienia -> po lewej rozszerzenia i usuwamy wszystkie toolbary/dodatki.

Ustawienia -> po lewej ustawienia -> pokaż ustawienia zaawansowane, zjeżdżamy na sam dół i wybieramy Zresetuj ustawienia przeglądarki.

Ustawienia -> po lewej ustawienia -> wyszukiwanie -> klikamy w zarządzaj wyszukiwarkami i usuwamy wszystko oprócz google.com

Resetowanie cache wtyczek -> w pasek adresu wpisz chrome :/plugins, wybierz dowolną wtyczkę, wyłącz i włącz.

Firefox

Menu pomoc -> informacje dla pomocy technicznej -> zresetuj program Firefox.
"wyczyść przeglądark "

Z IE pewno nie korzystasz więc nawet nie mówię :P.

Cytryn · 14 Czerwca 2014

Wstaw ten log z combofixa zaraz zajrzę w OTL.

@Edit Tak na prawde log jest czysty a ty jedynie musisz ustawić przeglądarki do ustawień standardowych :

Z IE pewno nie korzystasz więc nawet nie mówię :P.

Nie mam loga z combofixa, nie wiem dlaczego, jutro rano zrobię znów skan i wstawię loga.

IE nie używam, chroma też nie, tylko mozille którą "przyśpieszyłem" zgodnie z poradnikiem z tego forum. Duzo szybciej działa

Janusz. · 14 Czerwca 2014

Nie rób nowego loga z combofixa! Nie jest to skaner ale narzędzie które mocno ingeruje w system! Log z niego znajdziesz w C:\Qoobox albo C:\Combofix

Cytryn · 15 Czerwca 2014

Nie mam tego ;/

Dlaczego SpyHunter4 wykrywa w gg wirusy backdoor.gadu-gadu ?

Zaloguj się

👋 Witaj na MPCForum!

Czy pozbyłem się wirusa?

Rekomendowane odpowiedzi

Cytryn

Cytryn

Rocki star12

Rocki star12

Cytryn

Cytryn

Janusz.

Janusz.

Cytryn

Cytryn

Zarchiwizowany