Log OTL proszę sprawdzić czy coś jest

bronek13x · 23 Stycznia 2013

tak jak w temacie

OTL

OTL logfile created on: 2013-01-23 17:34:04 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = G:\

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

6,00 Gb Total Physical Memory | 4,70 Gb Available Physical Memory | 78,33% Memory free

11,99 Gb Paging File | 10,64 Gb Available in Paging File | 88,71% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 102,54 Gb Total Space | 57,74 Gb Free Space | 56,31% Space Free | Partition Type: NTFS

Drive D: | 195,45 Gb Total Space | 157,98 Gb Free Space | 80,83% Space Free | Partition Type: NTFS

Drive G: | 3,73 Gb Total Space | 3,58 Gb Free Space | 96,07% Space Free | Partition Type: FAT32

Computer Name: KOMPUTER | User Name: mati | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (All) ==========

PRC - [2012-12-20 16:39:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\OTL.exe

PRC - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe

PRC - [2012-12-10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

PRC - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

PRC - [2012-10-22 12:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

PRC - [2012-09-12 15:58:46 | 001,512,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

PRC - [2010-11-21 04:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

========== Modules (All) ==========

MOD - [2012-12-20 16:39:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\OTL.exe

MOD - [2012-12-11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe

MOD - [2012-12-11 03:52:20 | 002,608,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgkrnlapix.dll

MOD - [2012-12-06 04:07:10 | 000,793,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgsysx.dll

MOD - [2012-11-30 05:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll

MOD - [2012-11-30 05:53:59 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll

MOD - [2012-11-22 05:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll

MOD - [2012-11-15 23:34:32 | 001,001,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgcfgx.dll

MOD - [2012-10-22 12:04:38 | 002,024,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avguires.dll

MOD - [2012-10-22 12:04:36 | 000,025,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgapps.dll

MOD - [2012-10-22 12:04:12 | 000,862,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgntopensslx.dll

MOD - [2012-10-22 12:04:10 | 000,311,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avglogx.dll

MOD - [2012-10-22 12:04:10 | 000,177,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avglngx.dll

MOD - [2012-10-22 12:04:08 | 000,481,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgcommx.dll

MOD - [2012-10-22 12:04:04 | 000,348,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidpmx.dll

MOD - [2012-10-22 12:03:44 | 000,279,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgclitx.dll

MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll

MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll

MOD - [2012-08-24 17:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll

MOD - [2012-08-24 17:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll

MOD - [2012-08-16 03:30:30 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll

MOD - [2012-08-16 03:27:33 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll

MOD - [2012-08-16 03:25:02 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll

MOD - [2012-08-16 03:24:32 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll

MOD - [2012-08-16 03:24:18 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll

MOD - [2012-08-16 03:22:14 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll

MOD - [2012-08-16 03:21:54 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll

MOD - [2012-08-16 03:21:54 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll

MOD - [2012-08-16 03:20:28 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll

MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll

MOD - [2011-06-11 00:58:52 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100u.dll

MOD - [2011-06-11 00:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll

MOD - [2011-06-11 00:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll

MOD - [2011-06-11 00:58:52 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll

MOD - [2010-11-21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll

MOD - [2010-11-21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL

MOD - [2010-11-21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll

MOD - [2010-11-21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll

MOD - [2010-11-21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll

MOD - [2010-11-21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll

MOD - [2010-11-21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll

MOD - [2010-11-21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll

MOD - [2010-11-21 04:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll

MOD - [2010-11-21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll

MOD - [2010-11-21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll

MOD - [2010-11-21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MPCrt4.dll

MOD - [2010-11-21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll

MOD - [2010-11-21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll

MOD - [2010-11-21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv

MOD - [2010-11-21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll

MOD - [2010-11-21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll

MOD - [2010-11-21 04:24:02 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll

MOD - [2010-11-21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll

MOD - [2010-11-21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

MOD - [2010-11-21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll

MOD - [2010-11-21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll

MOD - [2010-11-21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll

MOD - [2010-11-21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll

MOD - [2010-11-21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll

MOD - [2010-11-21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll

MOD - [2010-11-21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll

MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll

MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll

MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll

MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll

MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll

MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll

MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll

MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll

MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll

MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll

MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll

MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll

MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll

MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll

MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll

MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll

MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll

MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll

MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll

MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll

MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx

MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll

MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012-10-13 02:27:56 | 000,523,632 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files\toy\story\bin\openvpnas.exe -- (hshld)

SRV:64bit: - [2012-10-12 01:37:42 | 000,389,488 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\toy\story\bin\hsswd.exe -- (HssWd)

SRV:64bit: - [2012-08-06 11:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

SRV:64bit: - [2012-07-28 03:09:44 | 000,239,616 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2013-01-04 14:57:18 | 000,595,160 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)

SRV - [2013-01-04 12:43:25 | 000,711,112 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)

SRV - [2012-12-12 16:18:08 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-12-10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws)

SRV - [2012-11-15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2012-11-09 10:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-10-22 12:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)

SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012-07-17 14:25:26 | 000,580,648 | ---- | M] (WiseCleaner.com) [Disabled | Stopped] -- C:\Program Files (x86)\Wise Care 365\BootTime.exe -- (WiseBootAssistant)

SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-01-04 12:43:25 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)

DRV:64bit: - [2012-12-09 10:51:20 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

DRV:64bit: - [2012-11-15 23:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2012-10-22 12:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)

DRV:64bit: - [2012-10-15 02:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)

DRV:64bit: - [2012-10-02 02:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2012-09-21 02:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2012-09-21 02:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)

DRV:64bit: - [2012-09-14 02:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2012-09-12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2012-09-04 09:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)

DRV:64bit: - [2012-08-23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)

DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012-08-16 03:30:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2012-08-16 03:30:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2012-08-16 03:24:54 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012-08-01 19:13:42 | 000,041,704 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)

DRV:64bit: - [2012-08-01 19:13:40 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)

DRV:64bit: - [2012-07-28 05:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2012-07-28 02:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2012-05-14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2012-03-05 15:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)

DRV:64bit: - [2011-06-27 00:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2010-11-21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)

DRV:64bit: - [2010-11-21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)

DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010-11-21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010-02-18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)

DRV:64bit: - [2009-12-30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)

DRV:64bit: - [2009-11-19 14:06:43 | 000,158,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039unic.sys -- (s1039unic)

DRV:64bit: - [2009-11-19 14:06:43 | 000,137,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039obex.sys -- (s1039obex)

DRV:64bit: - [2009-11-19 14:06:43 | 000,034,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039nd5.sys -- (s1039nd5)

DRV:64bit: - [2009-11-19 14:06:41 | 000,141,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mgmt.sys -- (s1039mgmt)

DRV:64bit: - [2009-11-19 14:06:40 | 000,161,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdm.sys -- (s1039mdm)

DRV:64bit: - [2009-11-19 14:06:39 | 000,019,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039mdfl.sys -- (s1039mdfl)

DRV:64bit: - [2009-11-19 14:06:38 | 000,127,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1039bus.sys -- (s1039bus)

DRV:64bit: - [2009-08-20 09:41:38 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)

DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2007-08-09 00:21:00 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)

DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DyBzyzz0CyE0F0EtCzz0EtN0D0Tzu0CtBzytCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1484951946

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DyBzyzz0CyE0F0EtCzz0EtN0D0Tzu0CtBzytCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1484951946

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=pcc&from=pcc&uid=WD-WXH1A50K7188_WDCWD3200BEVT-80A0RT0&ts=1357048648

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.00000&barid={03724CB7-22B6-11E2-A6F8-CC38573EA9AC}

IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true

IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0DyBzyzz0CyE0F0EtCzz0EtN0D0Tzu0CtBzytCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1484951946

IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={03724CB7-22B6-11E2-A6F8-CC38573EA9AC}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\mati 2\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=APN10189&gct=hp

IE - HKU\mati 2\..\SearchScopes,DefaultScope = {154d339e-ccaa-49a5-9b38-6878ad4220bc}

IE - HKU\mati 2\..\SearchScopes\{5972F78E-A4AD-4611-9ECA-EA78116636A8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=STC8&o=APN10189&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^AJL&apn_dtid=^YYYYYY^YY^PL&apn_uid=1F98E44D-373E-463B-8C8B-F386E507E789&apn_sauid=5215F4EE-6EC5-47E1-B182-E5329C904311

IE - HKU\mati 2\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\mati 3\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=APN10189&gct=hp

IE - HKU\mati 3\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKU\mati 3\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=APN10189&gct=hp

IE - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012\..\SearchScopes\{82AE9D4A-CBA6-46FA-A3EC-A812D886C0F2}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=STC8&o=APN10189&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AJL&apn_dtid=^YYYYYY^YY^PL&apn_uid=1F98E44D-373E-463B-8C8B-F386E507E789&apn_sauid=5215F4EE-6EC5-47E1-B182-E5329C904311

IE - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb213/?search={searchTerms}&loc=IB_DS&a=6Oz0E9Cjvj&i=26

IE - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={03724CB7-22B6-11E2-A6F8-CC38573EA9AC}

IE - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2012-10-27 21:51:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2012-10-27 21:51:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2013-01-05 12:42:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\statuswinks@StatusWinks: C:\Users\llll\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks [2013-01-04 14:58:11 | 000,000,000 | ---D | M]

[2012-11-24 20:10:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

========== Chrome ==========

CHR - homepage: http://home.sweetim.com/?crg=3.1010000.00000&barid={03724CB7-22B6-11E2-A6F8-CC38573EA9AC}

CHR - default_search_provider: SweetIM Search (Enabled)

CHR - default_search_provider: search_url = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={03724CB7-22B6-11E2-A6F8-CC38573EA9AC}

CHR - default_search_provider: suggest_url =

CHR - homepage: http://home.sweetim.com/?crg=3.1010000.00000&barid={03724CB7-22B6-11E2-A6F8-CC38573EA9AC}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - Extension: Dysk Google = C:\Users\mati.Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\mati.Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Szukaj w Google = C:\Users\mati.Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Babylon Toolbar = C:\Users\mati.Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.9_0\

CHR - Extension: Smiley Bar for Facebook = C:\Users\mati.Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.4_0\

CHR - Extension: Mario Forever = C:\Users\mati.Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllpjckabhalgdienlngoikeehalibei\10.13.20.29_0\

CHR - Extension: Gmail = C:\Users\mati.Komputer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()

O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.

O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll (Babylon BHO)

O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()

O2 - BHO: (no name) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - No CLSID value found.

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Smiley Bar for Facebook) - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - C:\Program Files (x86)\Smiley Bar for Facebook\ScriptHost.dll (Status Winks)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll (Babylon Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.

O3 - HKU\mati 2\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKU\mati 2..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\ChomikBox.exe ( )

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\chomikbox.exe ( )

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\mati 2\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\mati 3\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-4049360752-2468500819-3823200287-1012\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0EF1B0CB-A7A7-42A7-B1CE-35B00B10DDD1}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2013-01-23 17:24:46 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\VS Revo Group

[2013-01-20 13:03:24 | 001,963,008 | ---- | C] (TML-Studios) -- C:\Users\mati.Komputer\Desktop\CBS.exe

[2013-01-20 12:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TML-Studios

[2013-01-20 12:29:33 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\Desktop\c.b.simulator

[2013-01-20 12:26:40 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\Adobe

[2013-01-19 10:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Mario Bros. X

[2013-01-18 19:55:26 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\.gstreamer-0.10

[2013-01-18 19:55:22 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\ChomikBox

[2013-01-18 14:02:45 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\Documents\BusCableCarSimulatorDemo

[2013-01-18 14:02:45 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\BusCableCarSimulatorDemo

[2013-01-18 14:00:20 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\Desktop\BusCableCarSimulation-Demo

[2013-01-18 13:59:06 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\APN

[2013-01-18 12:27:57 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\Desktop\MinecraftSP

[2013-01-18 12:26:47 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\Desktop\TooManyItems2013_01_09_1.4.7

[2013-01-18 12:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Incredibar.com

[2013-01-18 12:25:13 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Systweak

[2013-01-18 09:17:32 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\.minecraft

[2013-01-18 09:17:02 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\WinRAR

[2013-01-18 08:16:37 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Macromedia

[2013-01-18 08:16:35 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Adobe

[2013-01-18 08:13:59 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\PowerISO

[2013-01-17 19:26:00 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\Google

[2013-01-17 19:22:17 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Skype

[2013-01-17 19:20:52 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\AVG2013

[2013-01-17 19:20:50 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\Avg2013

[2013-01-17 19:20:41 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2013-01-17 19:20:41 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Searches

[2013-01-17 19:20:41 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2013-01-17 19:20:30 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Identities

[2013-01-17 19:20:28 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Contacts

[2013-01-17 19:20:27 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\VirtualStore

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Ustawienia lokalne

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\AppData\Local\Temporary Internet Files

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Szablony

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\SendTo

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Recent

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\PrintHood

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\NetHood

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Documents\Moje wideo

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Documents\Moje obrazy

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Moje dokumenty

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Documents\Moja muzyka

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Menu Start

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\AppData\Local\Historia

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Dane aplikacji

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\AppData\Local\Dane aplikacji

[2013-01-17 19:20:23 | 000,000,000 | -HSD | C] -- C:\Users\mati.Komputer\Cookies

[2013-01-17 19:20:22 | 000,000,000 | --SD | C] -- C:\Users\mati.Komputer\AppData\Roaming\Microsoft

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Videos

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Saved Games

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Pictures

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Music

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Links

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Favorites

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Downloads

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Documents

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\Desktop

[2013-01-17 19:20:22 | 000,000,000 | R--D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2013-01-17 19:20:22 | 000,000,000 | -H-D | C] -- C:\Users\mati.Komputer\AppData

[2013-01-17 19:20:22 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\TuneUp Software

[2013-01-17 19:20:22 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\Temp

[2013-01-17 19:20:22 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Local\Microsoft

[2013-01-17 19:20:22 | 000,000,000 | ---D | C] -- C:\Users\mati.Komputer\AppData\Roaming\Media Center Programs

[2013-01-17 15:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO

[2013-01-16 14:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive

[2013-01-16 14:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Interactive

[2013-01-11 11:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

[2013-01-10 14:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia

[2013-01-09 14:29:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG

[2013-01-09 14:29:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}

[2013-01-09 13:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2013-01-09 13:55:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight

[2013-01-08 13:32:20 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2013-01-06 09:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft PC Gamer Demo

[2013-01-06 09:47:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minecraft PC Gamer Demo

[2013-01-04 14:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect

[2013-01-04 14:58:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter

[2013-01-04 14:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow

[2013-01-04 14:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haali

[2013-01-04 14:57:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow

[2013-01-04 14:57:57 | 000,019,896 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe

[2013-01-04 14:57:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smiley Bar for Facebook

[2013-01-04 14:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer

[2013-01-04 14:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer

[2013-01-04 14:57:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Scout

[2013-01-04 14:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService

[2013-01-04 12:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search

[2013-01-04 12:43:37 | 000,030,568 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys

[2013-01-04 12:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search

[2013-01-04 12:43:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search

[2013-01-04 11:58:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

[2013-01-02 15:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2013-01-01 14:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\v9Soft

[2012-12-28 09:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2012-12-28 09:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools

[2012-12-22 12:48:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit

[2012-12-22 12:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever Editor - Mario Worker

[2012-12-22 12:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\buziol.pl

[2012-12-16 12:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softendo.com

[2012-12-16 12:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\softendo.com

[2012-12-15 10:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\Vuze

[2012-12-08 09:46:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt

[2012-12-07 18:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\SMBX

[2012-12-07 10:38:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WB Games

[2012-12-07 10:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games

[2012-11-29 16:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company

[2012-11-29 16:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LEGO Company

[2012-11-27 15:40:21 | 000,000,000 | ---D | C] -- C:\Program Files\Plus!

[2012-11-27 14:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perion

[2012-11-24 20:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012-11-24 20:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

========== Files - Modified Within 60 Days ==========

[2013-01-23 17:30:37 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013-01-23 17:30:37 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013-01-23 17:23:28 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013-01-23 17:23:20 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job

[2013-01-23 17:22:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-01-23 17:22:48 | 535,162,879 | -HS- | M] () -- C:\hiberfil.sys

[2013-01-23 17:17:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013-01-23 16:51:00 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013-01-23 15:01:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job

[2013-01-23 14:58:00 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job

[2013-01-23 14:01:01 | 000,013,470 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\C4Log.html

[2013-01-22 13:51:09 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2013-01-21 19:31:22 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013-01-21 19:31:22 | 000,698,226 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat

[2013-01-21 19:31:22 | 000,616,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013-01-21 19:31:22 | 000,135,490 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat

[2013-01-21 19:31:22 | 000,106,684 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013-01-20 20:44:47 | 000,000,578 | ---- | M] () -- C:\Users\Public\Desktop\City Bus Simulator 2010 - New York.lnk

[2013-01-19 10:56:43 | 000,001,450 | ---- | M] () -- C:\Users\Public\Desktop\SuperMarioBrothers.org.lnk

[2013-01-19 10:56:43 | 000,000,550 | ---- | M] () -- C:\Users\Public\Desktop\Super Mario Bros. X.lnk

[2013-01-19 10:55:56 | 000,000,305 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\Search the Web.url

[2013-01-19 10:55:56 | 000,000,299 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\SweetPcFix.url

[2013-01-18 19:53:57 | 000,396,059 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\Mario1.4.7.zip

[2013-01-18 13:58:15 | 2176,388,192 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\BusCableCarSimulation-Demo.rar

[2013-01-18 12:27:55 | 000,000,633 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\MinecraftSP.lnk

[2013-01-18 12:25:40 | 000,002,481 | ---- | M] () -- C:\user.js

[2013-01-18 12:24:57 | 000,096,469 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\TooManyItems2013_01_09_1.4.7.zip

[2013-01-17 19:26:06 | 000,002,259 | ---- | M] () -- C:\Users\mati.Komputer\Desktop\Google Chrome.lnk

[2013-01-17 19:20:24 | 000,000,266 | RHS- | M] () -- C:\Users\mati.Komputer\ntuser.pol

[2013-01-17 15:36:09 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2013-01-09 14:14:06 | 000,276,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013-01-07 17:13:14 | 000,140,408 | ---- | M] () -- C:\Sonic-3D-Blast-(F)-[!].gs2

[2013-01-07 17:13:13 | 000,140,408 | ---- | M] () -- C:\Sonic-3D-Blast-(F)-[!].gs1

[2013-01-07 17:13:12 | 000,140,408 | ---- | M] () -- C:\Sonic-3D-Blast-(F)-[!].gs0

[2013-01-07 17:13:05 | 000,140,408 | ---- | M] () -- C:\Sonic-3D-Blast-(F)-[!].gs9

[2013-01-07 17:12:30 | 000,140,408 | ---- | M] () -- C:\Sonic-3D-Blast-(F)-[!].gs8

[2013-01-04 12:43:25 | 000,030,568 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys

[2012-12-22 12:48:06 | 000,000,009 | ---- | M] () -- C:\END

[2012-12-10 12:01:24 | 000,019,896 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe

[2012-12-09 10:51:20 | 000,126,944 | ---- | M] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys

========== Files Created - No Company Name ==========

[2013-01-20 13:03:27 | 000,013,470 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\C4Log.html

[2013-01-20 12:51:32 | 000,000,578 | ---- | C] () -- C:\Users\Public\Desktop\City Bus Simulator 2010 - New York.lnk

[2013-01-19 10:56:43 | 000,001,450 | ---- | C] () -- C:\Users\Public\Desktop\SuperMarioBrothers.org.lnk

[2013-01-19 10:56:43 | 000,000,550 | ---- | C] () -- C:\Users\Public\Desktop\Super Mario Bros. X.lnk

[2013-01-19 10:55:56 | 000,000,305 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\Search the Web.url

[2013-01-19 10:55:56 | 000,000,299 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\SweetPcFix.url

[2013-01-18 19:53:55 | 000,396,059 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\Mario1.4.7.zip

[2013-01-18 13:45:49 | 2176,388,192 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\BusCableCarSimulation-Demo.rar

[2013-01-18 12:24:56 | 000,096,469 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\TooManyItems2013_01_09_1.4.7.zip

[2013-01-18 09:17:03 | 000,000,633 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\MinecraftSP.lnk

[2013-01-17 19:20:47 | 000,001,421 | ---- | C] () -- C:\Users\mati.Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2013-01-17 19:20:42 | 000,002,259 | ---- | C] () -- C:\Users\mati.Komputer\Desktop\Google Chrome.lnk

[2013-01-17 19:20:42 | 000,001,455 | ---- | C] () -- C:\Users\mati.Komputer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2013-01-17 19:20:24 | 000,000,266 | RHS- | C] () -- C:\Users\mati.Komputer\ntuser.pol

[2013-01-17 15:36:09 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk

[2013-01-07 17:13:13 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs2

[2013-01-07 17:13:11 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs1

[2013-01-07 17:12:30 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs8

[2013-01-07 17:12:30 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs0

[2013-01-07 17:12:29 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs9

[2013-01-04 14:58:19 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\PC Performer_UPDATES.job

[2013-01-04 14:58:19 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\PC Performer_DEFAULT.job

[2013-01-04 14:58:01 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2013-01-04 11:58:40 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2012-12-15 10:56:59 | 000,001,798 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk

[2012-10-30 19:56:51 | 000,005,192 | ---- | C] () -- C:\Windows\SysWow64\svcproxy.ini

[2012-10-30 19:56:51 | 000,003,904 | ---- | C] () -- C:\Windows\SysWow64\SVCProxyOff.ini

[2012-10-18 18:34:19 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI

[2012-10-14 13:51:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

[2012-10-14 10:49:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2012-07-28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

[2012-07-28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

[2011-09-12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012-08-16 03:27:33 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012-08-16 03:27:33 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012-12-09 17:56:31 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2012-12-09 17:56:31 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

[2013-01-05 13:20:24 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\.minecraft

[2013-01-09 14:30:48 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\AVG

[2012-10-23 18:14:05 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\AVG2013

[2012-12-25 10:31:00 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\Azureus

[2013-01-04 14:58:48 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\BabSolution

[2012-11-24 20:09:47 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\Babylon

[2012-11-29 16:34:24 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\LEGO Company

[2012-12-02 15:05:59 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\LOVE

[2013-01-04 14:58:04 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\PerformerSoft

[2012-10-23 18:14:25 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\PowerISO

[2013-01-04 14:58:10 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\StatusWinks

[2012-10-23 18:14:43 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\TuneUp Software

[2012-11-30 16:23:50 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\Unity

[2013-01-16 17:23:35 | 000,000,000 | ---D | M] -- C:\Users\llll\AppData\Roaming\Wise Care 365

[2013-01-21 14:32:18 | 000,000,000 | ---D | M] -- C:\Users\mati 2\AppData\Roaming\.minecraft

[2013-01-18 16:37:46 | 000,000,000 | ---D | M] -- C:\Users\mati 2\AppData\Roaming\AVG2013

[2013-01-18 16:37:16 | 000,000,000 | ---D | M] -- C:\Users\mati 2\AppData\Roaming\Systweak

[2012-12-09 17:56:31 | 000,000,000 | ---D | M] -- C:\Users\mati 2\AppData\Roaming\TuneUp Software

[2013-01-22 17:40:51 | 000,000,000 | ---D | M] -- C:\Users\mati 3\AppData\Roaming\.minecraft

[2013-01-21 18:11:55 | 000,000,000 | ---D | M] -- C:\Users\mati 3\AppData\Roaming\AVG2013

[2013-01-22 14:31:54 | 000,000,000 | ---D | M] -- C:\Users\mati 3\AppData\Roaming\PowerISO

[2013-01-21 18:11:34 | 000,000,000 | ---D | M] -- C:\Users\mati 3\AppData\Roaming\Systweak

[2012-12-09 17:56:31 | 000,000,000 | ---D | M] -- C:\Users\mati 3\AppData\Roaming\TuneUp Software

[2013-01-20 17:40:45 | 000,000,000 | ---D | M] -- C:\Users\mati.Komputer\AppData\Roaming\.minecraft

[2013-01-17 19:20:52 | 000,000,000 | ---D | M] -- C:\Users\mati.Komputer\AppData\Roaming\AVG2013

[2013-01-18 08:13:59 | 000,000,000 | ---D | M] -- C:\Users\mati.Komputer\AppData\Roaming\PowerISO

[2013-01-23 17:29:56 | 000,000,000 | ---D | M] -- C:\Users\mati.Komputer\AppData\Roaming\Systweak

[2012-12-09 17:56:31 | 000,000,000 | ---D | M] -- C:\Users\mati.Komputer\AppData\Roaming\TuneUp Software

[2012-10-21 15:50:50 | 000,000,000 | ---D | M] -- C:\Users\mati2\AppData\Roaming\AVG2013

[2012-10-29 19:12:40 | 000,000,000 | ---D | M] -- C:\Users\mati2\AppData\Roaming\ESET

[2012-11-04 13:30:28 | 000,000,000 | ---D | M] -- C:\Users\mati2\AppData\Roaming\PowerISO

[2012-10-21 15:50:12 | 000,000,000 | ---D | M] -- C:\Users\mati2\AppData\Roaming\TuneUp Software

[2012-11-04 10:46:24 | 000,000,000 | ---D | M] -- C:\Users\mati2\AppData\Roaming\Wise Care 365

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:2D4947E9

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D3B89BF7

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

Extras

OTL Extras logfile created on: 2013-01-23 17:34:04 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = G:\

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

6,00 Gb Total Physical Memory | 4,70 Gb Available Physical Memory | 78,33% Memory free

11,99 Gb Paging File | 10,64 Gb Available in Paging File | 88,71% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 102,54 Gb Total Space | 57,74 Gb Free Space | 56,31% Space Free | Partition Type: NTFS

Drive D: | 195,45 Gb Total Space | 157,98 Gb Free Space | 80,83% Space Free | Partition Type: NTFS

Drive G: | 3,73 Gb Total Space | 3,58 Gb Free Space | 96,07% Space Free | Partition Type: FAT32

Computer Name: KOMPUTER | User Name: mati | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-4049360752-2468500819-3823200287-1012\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files (x86)\File Scout\filescout.exe" /open "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0B3AF941-E450-4A27-B4ED-CE7B8A7AEA6A}" = rport=139 | protocol=6 | dir=out | app=system |

"{1ACC97CF-165E-4F17-A848-0E8111927461}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{1EAEBF36-43FA-4C4E-AED6-B8D303A8E9C3}" = lport=445 | protocol=6 | dir=in | app=system |

"{3CFCBE4F-7B65-4CB3-B9B7-115322BA93C1}" = lport=138 | protocol=17 | dir=in | app=system |

"{4659AEE6-0386-46D5-AC0C-072BB8420B17}" = lport=10243 | protocol=6 | dir=in | app=system |

"{4919B596-6F1D-4355-96FD-347041FEBD2D}" = lport=MPC | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{4BFE399C-991B-45B9-83EF-E2851D00B7B1}" = lport=MPC-epmap | protocol=6 | dir=in | svc=MPCss | [email protected],-28539 |

"{53041D60-E787-4B60-BD12-E1AE32943F0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{5ABCC6BA-4B83-4B8E-B5B4-1006166E1B39}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7C60701F-A831-4533-801D-5FDA0D1E280A}" = lport=137 | protocol=17 | dir=in | app=system |

"{908459A8-6B5E-4C90-9E5B-146FE4700C3B}" = rport=138 | protocol=17 | dir=out | app=system |

"{93B4DFE5-55A2-4C0A-866F-C9497DADAB50}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{9692B80A-3B31-4605-B420-409A38FED284}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{995FD51A-D650-44C3-BAF5-4744C858ADC4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{B02CCC69-4D84-418B-B5DB-F2355DFDAAEF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{B503519F-53AA-41B9-AFC8-35FD54E4592F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{CA7BD275-05AB-413F-BACA-EC94BFC9C31A}" = lport=139 | protocol=6 | dir=in | app=system |

"{EFF54978-8BC8-4FC1-B52B-C4B5B0CA5589}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F0C9E5A7-6131-475A-816A-04E4E6E64C72}" = rport=10243 | protocol=6 | dir=out | app=system |

"{F7BB4C24-2CD1-4AE4-A677-FBFF424300B7}" = rport=445 | protocol=6 | dir=out | app=system |

"{F9906CAC-94B9-49D6-BC74-95A4C6B99C97}" = rport=137 | protocol=17 | dir=out | app=system |

"{FA7D3103-5BCE-4DA1-881F-C27620593ADB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{FF306037-5234-42DA-8200-C233EFEF7BF4}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{029F7C57-7635-4E6C-BBBF-785A50A98EA0}" = protocol=1 | dir=in | [email protected],-28543 |

"{0EA808C9-CF0A-4CAE-BA84-DB62342443F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{11DA9E8C-8C87-40A9-962E-B79D4266053A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{26B815B8-33C6-4A9F-91E2-5417A0FBD217}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{2CF2BF8C-F667-41B3-9F94-1DAEC9E5FFCF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{2DD51F4E-309E-4639-BADA-60A97C97B3F3}" = protocol=6 | dir=out | app=system |

"{31C1365A-8A72-4473-B0A5-7DA064D1D7D4}" = protocol=58 | dir=in | [email protected],-28545 |

"{45676AE5-84D5-4827-8A7E-FDFFC892F5C4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{59B09A6D-2FE0-4819-B760-B8A0CD2B3154}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |

"{5BA0E0A3-2C9F-482D-A50B-B61C71D9FD48}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{5DDEA06E-267B-42C3-B2ED-C828E523B57D}" = protocol=58 | dir=out | [email protected],-28546 |

"{6754A6B8-2F5B-4D53-A62D-C7D07009AF29}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |

"{69CF19B4-4AEC-4EF0-AAA0-0F96D9D42A9C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{71D89A3F-4BD0-47F4-99B5-D60956D64F97}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |

"{7222D829-6907-4CD4-9BC6-8C66BFDACC9F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{724AE960-1049-45F9-9D71-D067E7D0DF4F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{73612F3C-D5E5-4A21-82D8-AD649B2CD13F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |

"{7379C71A-AF9F-467F-B239-D3F6636BA568}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |

"{739D4903-6C27-4155-8EE1-893B95FFBACB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{73C91574-46DB-46A2-B990-D78297569D5E}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |

"{74500DFC-0F3D-45BF-A0E7-3B5B8BD8404B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |

"{7A524C76-E11E-4051-881C-7B032E9B79A5}" = protocol=1 | dir=out | [email protected],-28544 |

"{8EBB223F-96AA-4E94-A3BA-06A953FE5E50}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |

"{910BE760-ABFD-479A-A673-6A23ADBE7AF9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |

"{A00F8EB4-6399-401E-B3B1-21316AA7DE49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{B4B6BB37-A672-4872-8C6A-6EA85A4671F1}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |

"{C1BC4606-4503-4D3C-BFF1-862E8D16F7CA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |

"{CF2C552B-DBA9-4A4E-BF5C-4D287DA6422A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{E2F3FBEE-B020-4B72-8E58-EE88AE23CCFF}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |

"{E6C34E18-7D73-4AD9-86B5-17236B999107}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{E747FE46-7B16-4F8B-A543-83602A703C9F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{EFB1F3A0-E58B-4CEB-88D1-487D978803D5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |

"{F19C5B3C-1924-45D5-AF5B-9F4F51DAA435}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F3C7AB3F-3DD8-47BD-B259-FC6FF5DEFF3E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |

"{FF7B1A9E-AC06-44EC-B5C9-B13CB3165727}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"TCP Query User{BD960EC1-A390-4E94-9346-A1ED2F67FBC9}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |

"TCP Query User{EBD82C6A-957A-4831-BC45-31F6D08FB8ED}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

"UDP Query User{5EAB1BF2-5D93-4316-BDAF-35EAAE2779A1}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

"UDP Query User{C66831A6-0FF4-437D-8979-B7B22493898C}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0857F88E-C72B-B4C4-6019-5A6D2050229C}" = AMD Catalyst Install Manager

"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables

"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)

"{2BA8381A-F47A-0A1A-8CDC-9EED42CBF73A}" = AMD Media Foundation Decoders

"{328EAC95-9299-BF47-BDBE-83F94AE07D71}" = AMD Drag and Drop Transcoding

"{502275B0-3DA3-44D8-8702-066525CAAE98}" = AVG 2013

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack

"{A762DDE6-D6AC-ECDC-DFBE-E35A0FCFB0AD}" = AMD Fuel

"{BFAB7835-55A2-41CD-AE66-F673BCA4E49F}" = AVG 2013

"{C5CFDA3B-64EC-21EE-6652-0E9AFC41FF8F}" = ccc-utility64

"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"8461-7759-5462-8226" = Vuze

"AVG" = AVG 2013

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile

"Revo Uninstaller Pro_is1" = Revo Uninstaller Pro wersja 2.5.9

"USB2.0 UVC VGA WebCam" = USB2.0 UVC VGA WebCam

"WinRAR archiver" = WinRAR 4.11 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0190000A-A5F5-41EE-9E20-BE784015214C}" = City Bus Simulator 2010 - New York

"{01B9D184-F3C5-48B2-6DBA-56D5DCD85E97}" = CCC Help Chinese Traditional

"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform

"{062BC4B4-891A-C58D-B335-7A6358BB438C}" = CCC Help English

"{0E4545D7-2B4B-1EF1-505E-1B9E512980F1}" = CCC Help Portuguese

"{15DA32B6-4726-AABE-E3BD-761DA0DE4132}" = CCC Help Norwegian

"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9

"{2764C49D-4BFD-A240-F64D-E11AF855C714}" = CCC Help Swedish

"{29E21CFC-5DEE-6441-AD4A-C15655BFC146}" = CCC Help Chinese Standard

"{2C03DD9D-D28B-9D33-22DA-AB1C007B8412}" = CCC Help Spanish

"{2DE1BCDB-48F7-723F-1DF0-FAB7B4184CE4}" = CCC Help Danish

"{2FF505C2-318E-7B51-FA77-51B9E6F0677D}" = CCC Help Czech

"{30E02033-8A23-ABF8-474C-1CD0C7504659}" = CCC Help French

"{43BAB72A-5430-FD3B-ADBD-02105E4AEE03}" = CCC Help Thai

"{492B292A-8A5E-EE0D-5EAA-B303CCB1F14D}" = CCC Help Italian

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B487EAF-EC47-EDEF-599B-CA45F17DD5D0}" = Catalyst Control Center Graphics Previews Common

"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform

"{59FB5F5C-B127-D725-72CF-D8ECEF40163D}" = CCC Help Finnish

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform

"{6DFCEE0F-17DA-93D0-65EE-C280DA539FFD}" = CCC Help Korean

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{76E62ACD-1536-4AC7-9A2E-B7DB4F2ACE5E}" = Windows Live Family Safety

"{78482808-3AE8-5650-52AD-2E73D0C6BB43}" = Catalyst Control Center Localization All

"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions

"{8D4B4AB4-C554-66E3-1214-5C109C504220}" = Catalyst Control Center InstallProxy

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A60C5BE1-9644-01E7-5E8A-5F0318D268C6}" = AMD VISION Engine Control Center

"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9674831-B5FC-32DA-D7F7-067DB3FC36C8}" = CCC Help Polish

"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Polish

"{B24A294A-5BA2-E73D-2064-80BB7A940102}" = CCC Help Japanese

"{BECC92A2-F74A-9003-214D-7F2B059B61D1}" = CCC Help Turkish

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3

"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer

"{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1" = Super Mario Bros. X version 1.2.2

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1953F1B-F323-B5BC-4513-BC82EFED21DD}" = CCC Help Dutch

"{DDB9AF26-1CA1-99F6-A3E5-3D76D6D45BE7}" = CCC Help Greek

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Realtek PC Camera

"{E0FA217A-9661-02A8-E259-A2702CBD8C40}" = CCC Help German

"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = Babylon Chrome Toolbar

"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding

"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 1.61

"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0

"{EBD2E918-2C91-A25B-DFA8-E9E96673061D}" = CCC Help Russian

"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack

"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F950EC87-8370-F6BC-4996-1C2A0B486E5F}" = CCC Help Hungarian

"{FE226068-F15B-40AE-BEC1-472BBB39DFD7}" = Scooby-Doo! Pierwsze Strachy DEMO

"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"AVG Secure Search" = AVG Security Toolbar

"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]

"Google Chrome" = Google Chrome

"KajkoiKokoszSLDEMO_is1" = Kajko i Kokosz - Szkoła latania DEMO v.1.020

"Mario Forever Editor - Mario Worker" = Mario Forever Editor - Mario Worker

"New LEGO Digital Designer" = LEGO Digital Designer

"PC Performer_is1" = PC Performer

"PowerISO" = PowerISO

"Smiley Bar for Facebook" = Smiley Bar for Facebook

"SpeedFan" = SpeedFan (remove only)

"Super Mario 3 : Mario Forever" = Super Mario 3 : Mario Forever

"Symulator Cysterny/PL-Polish_is1" = Symulator Cysterny

"Updater Service" = Updater Service

"V9Software" = V9 Homepage Uninstaller

"WinLiveSuite" = Podstawowe programy Windows Live

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\mati 2\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\mati 3\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 2013-01-22 13:19:02 | Computer Name = Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2013-01-22 14:54:59 | Computer Name = Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2013-01-23 01:41:18 | Computer Name = Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2013-01-23 08:54:04 | Computer Name = Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2013-01-23 09:01:02 | Computer Name = Komputer | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: CBS.exe, wersja: 1.0.0.0, sygnatura

czasowa: 0x4a927773 Nazwa modułu powodującego błąd: CBS.exe, wersja: 1.0.0.0, sygnatura

czasowa: 0x4a927773 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000e278a Identyfikator

procesu powodującego błąd: 0xb3c Godzina uruchomienia aplikacji powodującej błąd:

0x01cdf969adc6bb63 Ścieżka aplikacji powodującej błąd: C:\Users\mati.Komputer\Desktop\CBS.exe

Ścieżka

modułu powodującego błąd: C:\Users\mati.Komputer\Desktop\CBS.exe Identyfikator raportu:

f06fa75c-655c-11e2-a158-9309ce91b9dc

Error - 2013-01-23 12:24:25 | Computer Name = Komputer | Source = WinMgmt | ID = 10

Description =

Error - 2013-01-23 12:25:01 | Computer Name = Komputer | Source = VSS | ID = 8194

Description =

Error - 2013-01-23 12:27:19 | Computer Name = Komputer | Source = Application Hang | ID = 1002

Description = Program RegCleanPro.exe w wersji 6.21.65.2506 zatrzymał interakcję

z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej

informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania

Centrum akcji. Identyfikator procesu: e68 Godzina rozpoczęcia: 01cdf985f9b4b4b2 Godzina

zakończenia: 15 Ścieżka aplikacji: C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe

Identyfikator

raportu: bcbb0962-6579-11e2-a7fb-bca4a08b42de

Error - 2013-01-23 12:31:29 | Computer Name = Komputer | Source = Microsoft-Windows-RestartManager | ID = 10006

Description = Nie można zamknąć aplikacji lub usługi AVG User Interface.

Error - 2013-01-23 12:31:29 | Computer Name = Komputer | Source = Microsoft-Windows-RestartManager | ID = 10006

Description = Nie można zamknąć aplikacji lub usługi Update Manager for SweetPacks.

Error - 2013-01-23 12:34:37 | Computer Name = Komputer | Source = MsiInstaller | ID = 11706

Description =

[ System Events ]

Error - 2013-01-23 02:00:55 | Computer Name = Komputer | Source = Service Control Manager | ID = 7006

Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił

następujący błąd: %%5.

Error - 2013-01-23 08:52:44 | Computer Name = Komputer | Source = Service Control Manager | ID = 7006

Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił

następujący błąd: %%5.

Error - 2013-01-23 08:52:47 | Computer Name = Komputer | Source = Service Control Manager | ID = 7006

Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił

następujący błąd: %%5.

Error - 2013-01-23 08:52:49 | Computer Name = Komputer | Source = Microsoft-Windows-GroupPolicy | ID = 1096

Description = Przetwarzanie zasad grupy nie powiodło się. System Windows nie może

zastosować opartych na rejestrze ustawień zasad dla obiektu zasad grupy LocalGPO.

Ustawienia zasad grupy nie będą rozpoznawane do czasu rozwiązania tego problemu.

Wyświetl szczegóły zdarzenia, aby uzyskać więcej informacji o nazwie i ścieżce

pliku, który spowodował błąd.

Error - 2013-01-23 10:25:56 | Computer Name = Komputer | Source = Microsoft-Windows-GroupPolicy | ID = 1096

Description = Przetwarzanie zasad grupy nie powiodło się. System Windows nie może

zastosować opartych na rejestrze ustawień zasad dla obiektu zasad grupy LocalGPO.

Ustawienia zasad grupy nie będą rozpoznawane do czasu rozwiązania tego problemu.

Wyświetl szczegóły zdarzenia, aby uzyskać więcej informacji o nazwie i ścieżce

pliku, który spowodował błąd.

Error - 2013-01-23 12:13:56 | Computer Name = Komputer | Source = Microsoft-Windows-GroupPolicy | ID = 1096

Description = Przetwarzanie zasad grupy nie powiodło się. System Windows nie może

zastosować opartych na rejestrze ustawień zasad dla obiektu zasad grupy LocalGPO.

Ustawienia zasad grupy nie będą rozpoznawane do czasu rozwiązania tego problemu.

Wyświetl szczegóły zdarzenia, aby uzyskać więcej informacji o nazwie i ścieżce

pliku, który spowodował błąd.

Error - 2013-01-23 12:19:38 | Computer Name = Komputer | Source = Service Control Manager | ID = 7006

Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił

następujący błąd: %%5.

Error - 2013-01-23 12:23:06 | Computer Name = Komputer | Source = Service Control Manager | ID = 7006

Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił

następujący błąd: %%5.

Error - 2013-01-23 12:23:09 | Computer Name = Komputer | Source = Service Control Manager | ID = 7006

Description = Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił

następujący błąd: %%5.

Error - 2013-01-23 12:23:20 | Computer Name = Komputer | Source = Microsoft-Windows-GroupPolicy | ID = 1096

Description = Przetwarzanie zasad grupy nie powiodło się. System Windows nie może

zastosować opartych na rejestrze ustawień zasad dla obiektu zasad grupy LocalGPO.

Ustawienia zasad grupy nie będą rozpoznawane do czasu rozwiązania tego problemu.

Wyświetl szczegóły zdarzenia, aby uzyskać więcej informacji o nazwie i ścieżce

pliku, który spowodował błąd.

< End of report >

Fr3shMak3r · 23 Stycznia 2013

A co to znaczy proszę sprawdzic czy coś jest .

Proszę podac konkretny powód . -.-

bronek13x · 23 Stycznia 2013

wiem że nie podałem powodu a powód jest taki że młodszy brat pośćiągał badziewia do tego mam pare innych problemów z tym kompem więc proszę cie o pomoc

Fr3shMak3r · 23 Stycznia 2013

Uruchom OTL i w Oknie Własne opcje skanowania :

:OTL
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG
Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3 - HKU\mati 2\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (no name) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - No CLSID value found.

:Commands
[emptytemp]

I klik na wykonaj skrypt i pokaż raport z usuwania .

bronek13x · 23 Stycznia 2013

All processes killed

========== OTL ==========

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.

File Protocol\Handler\skype4com - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ deleted successfully.

File Protocol\Handler\viprotocol - No CLSID value found not found.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.

File C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.

File C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ deleted successfully.

Registry value HKEY_USERS\mati 2\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.

File C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ deleted successfully.

File C:\Program Files\IB Updater\Extension32.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: jdahjd

User: llll

->Temp folder emptied: 31614504 bytes

->Temporary Internet Files folder emptied: 5271212 bytes

->Java cache emptied: 241214 bytes

->Google Chrome cache emptied: 121990342 bytes

->Flash cache emptied: 903 bytes

User: Mati

User: mati 2

->Temp folder emptied: 582368 bytes

->Temporary Internet Files folder emptied: 10638337 bytes

->Google Chrome cache emptied: 336938066 bytes

->Flash cache emptied: 725 bytes

User: mati 3

->Temp folder emptied: 427084 bytes

->Temporary Internet Files folder emptied: 5823614 bytes

->Google Chrome cache emptied: 106267000 bytes

->Flash cache emptied: 670 bytes

User: mati.Komputer

->Temp folder emptied: 181026 bytes

->Temporary Internet Files folder emptied: 1016612 bytes

->Google Chrome cache emptied: 10395672 bytes

->Flash cache emptied: 0 bytes

User: mati2

->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68032 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 602,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 01232013_181225

Files\Folders moved on Reboot...

File\Folder C:\Users\mati.Komputer\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Fr3shMak3r · 23 Stycznia 2013

Jeszcze jedno używasz tego ? :

[2013-01-07 17:13:13 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs2
[2013-01-07 17:13:11 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs1
[2013-01-07 17:12:30 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs8
[2013-01-07 17:12:30 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs0
[2013-01-07 17:12:29 | 000,140,408 | ---- | C] () -- C:\Sonic-3D-Blast-(F)-[!].gs9

bronek13x · 23 Stycznia 2013

ja nie ale mój brat dokładnie to jest do gry ale ręcznie to usunąłem już

Fr3shMak3r · 23 Stycznia 2013

Odinstaluj te toolbary przez Dodaj lub Usuń programy :


IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmood...E&cr=1484951946
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...E&cr=1484951946
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...0&ts=1357048648
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim....8-CC38573EA9AC}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{154d339e-ccaa-49a5-9b38-6878ad4220bc}: "URL" = http://www.searchamo...t=webs&bar=true
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...E&cr=1484951946
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...8-CC38573EA9AC}

bronek13x · 23 Stycznia 2013

już je odinstalowałem

Fr3shMak3r · 23 Stycznia 2013

W OTL użyj sprzątanie i to wszystko .

bronek13x · 23 Stycznia 2013

już przed tobą to zrobiłem bo pamiętałem tylko to ale za pomoc dzięki i leci limit like

Zaloguj się

👋 Witaj na MPCForum!

Log OTL proszę sprawdzić czy coś jest

Rekomendowane odpowiedzi

bronek13x

bronek13x

Fr3shMak3r

Fr3shMak3r

bronek13x

bronek13x

Fr3shMak3r

Fr3shMak3r

bronek13x

bronek13x

Fr3shMak3r

Fr3shMak3r

bronek13x

bronek13x

Fr3shMak3r

Fr3shMak3r

bronek13x

bronek13x

Fr3shMak3r

Fr3shMak3r

bronek13x

bronek13x

Zarchiwizowany