OTL logfile created on: 2012-04-03 17:09:10 - Run 2
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Michal\Desktop\oczyszczanie
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
3,79 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 68,31% Memory free
7,58 Gb Paging File | 5,94 Gb Available in Paging File | 78,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 71,74 Gb Total Space | 32,73 Gb Free Space | 45,62% Space Free | Partition Type: NTFS
Drive D: | 204,87 Gb Total Space | 203,93 Gb Free Space | 99,54% Space Free | Partition Type: NTFS
Drive F: | 1,88 Gb Total Space | 1,53 Gb Free Space | 81,40% Space Free | Partition Type: FAT
 
Computer Name: MICHAL-KOMPUTER | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-03-31 16:26:18 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Desktop\oczyszczanie\OTL.exe
PRC - [2012-02-26 17:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2012-02-16 16:29:02 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2012-01-03 17:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011-10-01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011-10-01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011-08-24 19:02:24 | 000,260,136 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Uqeszu\oroqco.exe
PRC - [2011-07-11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011-03-08 00:49:57 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011-01-17 20:50:30 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 20:50:30 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010-10-08 00:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010-10-07 19:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010-10-01 01:15:20 | 001,078,912 | ---- | M] (asus) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010-09-24 02:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010-08-18 00:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010-07-19 22:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2010-07-19 22:26:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
PRC - [2010-01-16 19:02:38 | 000,436,752 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McUICnt.exe
PRC - [2010-01-15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009-12-15 20:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009-11-03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009-10-01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009-10-01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009-09-23 11:11:54 | 001,160,320 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
PRC - [2009-07-31 20:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009-07-07 00:22:04 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
PRC - [2009-06-24 22:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009-06-19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009-06-19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009-06-16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008-12-23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008-03-31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007-11-30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007-08-03 13:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-03-24 22:50:36 | 000,013,824 | ---- | M] () -- C:\ProgramData\IgvufpivNojw.dll
MOD - [2012-03-01 18:22:14 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012-02-16 16:07:14 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll
MOD - [2012-02-16 11:14:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll
MOD - [2012-02-16 11:13:45 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8435718626a24beaeefc98d45ae77127\PresentationFramework.ni.dll
MOD - [2012-02-16 11:13:06 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll
MOD - [2012-02-16 11:12:47 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll
MOD - [2012-02-16 11:12:41 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c0508b05f5c28e37711f447a66368e75\PresentationCore.ni.dll
MOD - [2012-02-16 11:12:12 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012-02-16 11:11:58 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012-02-16 11:11:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012-02-16 11:11:45 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2011-10-25 20:39:26 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011-08-24 19:02:24 | 000,260,136 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Uqeszu\oroqco.exe
MOD - [2010-10-01 01:14:04 | 000,076,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
MOD - [2010-10-01 01:13:38 | 000,186,880 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
MOD - [2010-10-01 01:13:12 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
MOD - [2010-10-01 01:13:06 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
MOD - [2010-09-24 02:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010-07-01 21:21:42 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
MOD - [2009-11-03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009-11-03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009-09-17 14:41:42 | 000,267,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll
MOD - [2009-09-15 17:45:58 | 000,228,864 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2009-09-15 11:47:10 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll
MOD - [2009-09-11 17:40:20 | 000,084,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll
MOD - [2009-08-03 21:54:41 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_pl_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009-08-03 21:54:29 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-07-08 12:24:16 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2009-07-03 14:40:34 | 000,085,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll
MOD - [2009-07-03 14:21:16 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll
MOD - [2009-07-03 14:13:56 | 000,297,984 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll
MOD - [2009-07-03 14:13:16 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll
MOD - [2009-07-03 14:12:32 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll
MOD - [2009-07-03 14:12:24 | 000,065,024 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll
MOD - [2009-07-03 14:12:14 | 000,089,088 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll
MOD - [2009-07-01 17:46:24 | 000,461,824 | ---- | M] () -- C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2007-11-30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007-06-15 20:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007-06-02 03:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2010-10-09 11:00:14 | 000,859,712 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:[b]64bit:[/b] - [2010-09-30 20:50:30 | 000,377,264 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2010-09-23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-02-23 13:56:42 | 000,570,632 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:[b]64bit:[/b] - [2010-02-23 13:56:40 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2007-08-03 13:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2012-02-15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-10-01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011-10-01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009-12-15 20:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009-10-01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009-10-01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009-06-16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-03-31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-04-03 15:23:29 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\72894542.sys -- (72894542)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2011-10-01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2011-07-12 12:56:50 | 000,342,288 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:[b]64bit:[/b] - [2011-07-12 12:56:36 | 000,042,768 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:[b]64bit:[/b] - [2011-07-12 12:47:06 | 002,077,456 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-03-08 00:49:43 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:[b]64bit:[/b] - [2011-03-07 23:41:31 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010-11-05 17:45:47 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010-10-12 03:49:15 | 000,131,552 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits)
DRV:[b]64bit:[/b] - [2010-09-23 10:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010-09-08 13:39:31 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2010-04-30 04:19:29 | 010,331,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010-03-02 10:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010-02-26 10:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2010-02-23 13:57:30 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2010-02-03 00:38:29 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:[b]64bit:[/b] - [2010-01-18 11:45:49 | 000,717,368 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2009-09-17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009-08-20 04:41:37 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2009-08-18 10:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:[b]64bit:[/b] - [2009-07-20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-05-13 19:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2008-05-24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2007-08-03 06:26:47 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-07-03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={70AF9E6B-CF59-4CEF-AB17-347956CEC9E0}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111025085948779&tb_oid=25-10-2011&tb_mrud=25-10-2011
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=101916
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\SearchScopes,DefaultScope = {18C0CDF8-9F69-4C66-A67E-472A2824E69E}
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=84a81d6c000000000000f46d04814062
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\SearchScopes\{18C0CDF8-9F69-4C66-A67E-472A2824E69E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\SearchScopes\{982CE4EC-C1CC-4FE1-8197-5ED6B58D08BC}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=NRO&o=101913&src=crm&q={searchTerms}&locale=&apn_ptnrs=EW&apn_dtid=YYYYYYYYPL&apn_uid=F1239F8A-3327-44A8-9406-7A06236DAAB2&apn_sauid=4606D67D-B1D8-462D-9B0B-12E1EC45BA83
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&barid={70AF9E6B-CF59-4CEF-AB17-347956CEC9E0}
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111025085948779&tb_oid=25-10-2011&tb_mrud=25-10-2011
IE - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_Prot"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=NRO&o=101913&locale=en_US&apn_uid=F1239F8A-3327-44A8-9406-7A06236DAAB2&apn_ptnrs=EW&apn_sauid=4606D67D-B1D8-462D-9B0B-12E1EC45BA83&apn_dtid=YYYYYYYYPL&&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?babsrc=HP_Prot"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.babylon.com/?AF=100482&babsrc=adbartrp&mntrId=84a81d6c000000000000f46d04814062&q="
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-03-08 00:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011-03-08 00:23:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011-03-08 00:23:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-09-08 18:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-03-21 16:58:15 | 000,000,000 | ---D | M]
 
[2011-08-18 19:37:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\mozilla\Extensions
[2012-03-13 23:08:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\75gsqoaq.default\extensions
[2011-10-25 11:00:01 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\75gsqoaq.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2012-01-28 21:55:32 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\75gsqoaq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2012-01-04 22:47:11 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\75gsqoaq.default\extensions\ffxtlbr@babylon.com
[2012-03-20 22:16:35 | 000,000,000 | ---D | M] ("Nero Toolbar") -- C:\Users\Michal\AppData\Roaming\mozilla\Firefox\Profiles\75gsqoaq.default\extensions\toolbar@ask.com
[2011-10-25 11:09:13 | 000,002,354 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\75gsqoaq.default\searchplugins\aol-web-search.xml
[2012-03-27 16:51:43 | 000,002,574 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\75gsqoaq.default\searchplugins\askcom.xml
[2012-02-16 11:25:29 | 000,004,615 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\75gsqoaq.default\searchplugins\SweetIM Search.xml
[2012-01-28 21:55:28 | 000,003,915 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\75gsqoaq.default\searchplugins\sweetim.xml
[2012-03-01 18:20:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-03-04 19:04:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-03-01 18:20:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-09-08 18:37:41 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012-03-01 18:20:44 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011-07-11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011-08-12 05:51:25 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-01-04 22:47:03 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011-08-12 05:51:25 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-08-12 05:51:25 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011-08-12 05:51:25 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-12 05:51:25 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-08-12 05:51:25 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001..\Run: [{A49C4462-1C6E-AD40-E2BB-4656C1B2654B}] C:\Users\Michal\AppData\Roaming\Uqeszu\oroqco.exe ()
O4 - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001..\Run: [ChomikBox] C:\Program Files (x86)\ChomikBox\chomikbox.exe ( )
O4 - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)
O4 - HKU\S-1-5-21-1287235045-2387776622-3465627747-1001..\Run: [Windows Time] C:\ProgramData\IgvufpivNojw.dll ()
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_72894542.lnk = C:\Users\Michal\AppData\Local\Temp\_uninst_72894542.bat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE6B1DA9-7D4F-4C19-A145-6FBF4C6E7B1C}: DhcpNameServer = 89.17.224.44 89.17.224.30
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-04-03 16:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012-04-03 16:10:56 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\72894542.sys
[2012-03-31 15:46:55 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\oczyszczanie
[2012-03-27 23:18:18 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Fortress 2012
[2012-03-27 23:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\F4D55F38000449B8605D8FE8A60145BE
[2012-03-21 16:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012-03-21 16:58:31 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Adobe
[2012-03-21 16:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012-03-21 16:58:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012-03-21 16:58:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012-03-21 16:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2012-03-14 20:15:26 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012-03-14 20:15:25 | 003,957,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012-03-14 20:15:23 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012-03-13 23:08:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012-03-13 23:08:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012-03-13 23:08:06 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012-03-13 23:08:06 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012-03-13 23:08:06 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012-03-13 23:08:06 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012-03-13 23:07:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012-03-13 23:07:12 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012-03-13 23:06:44 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012-03-13 23:06:20 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012-03-13 23:05:57 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012-03-13 22:05:38 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012-03-13 22:05:37 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012-03-13 22:05:36 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012-03-13 22:05:36 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012-03-13 22:05:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012-03-13 22:01:17 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012-03-13 22:01:17 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012-03-13 22:01:15 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012-03-13 22:01:15 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012-03-13 22:01:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012-03-12 20:03:13 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\{11DA3CC7-6E8F-4218-B120-7DC0630E9668}
[2012-03-12 20:02:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-03-04 18:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-03-04 18:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012-03-04 18:55:53 | 000,943,752 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Michal\Desktop\SkypeSetup.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-04-03 16:42:12 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-03 16:41:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-03 16:11:47 | 000,001,022 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_72894542.lnk
[2012-04-03 16:11:15 | 001,664,108 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-04-03 16:11:15 | 000,738,432 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-04-03 16:11:15 | 000,652,600 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-04-03 16:11:15 | 000,154,830 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-04-03 16:11:15 | 000,121,274 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-04-03 15:23:29 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\72894542.sys
[2012-04-03 15:23:26 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-03 15:23:26 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-03 15:16:26 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-03 15:15:54 | 3054,796,800 | -HS- | M] () -- C:\hiberfil.sys
[2012-03-27 23:18:18 | 000,001,090 | ---- | M] () -- C:\Users\Michal\Desktop\Smart Fortress 2012.lnk
[2012-03-25 11:04:35 | 000,002,202 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012-03-25 01:00:23 | 004,757,243 | ---- | M] () -- C:\Users\Michal\Desktop\Shamhan Daldaev - Eto Kavkaz  .mp3
[2012-03-24 22:50:36 | 000,013,824 | ---- | M] () -- C:\ProgramData\IgvufpivNojw.dll
[2012-03-23 12:21:41 | 000,009,263 | ---- | M] () -- C:\Users\Michal\Desktop\WALUTA.ods
[2012-03-22 14:55:04 | 001,157,763 | ---- | M] () -- C:\Users\Michal\Desktop\H_Niewiadowski_Swiat_wg_dziada.pdf
[2012-03-21 17:01:24 | 000,001,119 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012-03-21 16:59:59 | 000,118,389 | ---- | M] () -- C:\Windows\AsCD_Item_46.jpg
[2012-03-21 16:58:16 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-03-14 20:32:44 | 000,304,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-03-12 20:00:42 | 000,375,600 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Users\Michal\Desktop\SweetImSetup.exe
[2012-03-07 00:06:19 | 001,640,246 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-03-04 18:55:53 | 000,943,752 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Michal\Desktop\SkypeSetup.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-04-03 16:11:47 | 000,001,022 | ---- | C] () -- C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_72894542.lnk
[2012-03-27 23:18:18 | 000,001,090 | ---- | C] () -- C:\Users\Michal\Desktop\Smart Fortress 2012.lnk
[2012-03-25 01:00:20 | 004,757,243 | ---- | C] () -- C:\Users\Michal\Desktop\Shamhan Daldaev - Eto Kavkaz  .mp3
[2012-03-24 22:50:36 | 000,013,824 | ---- | C] () -- C:\ProgramData\IgvufpivNojw.dll
[2012-03-22 14:55:03 | 001,157,763 | ---- | C] () -- C:\Users\Michal\Desktop\H_Niewiadowski_Swiat_wg_dziada.pdf
[2012-03-21 16:59:59 | 000,118,389 | ---- | C] () -- C:\Windows\AsCD_Item_46.jpg
[2012-03-21 16:58:50 | 000,001,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2012-03-21 16:58:16 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-03-21 16:58:15 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012-03-11 11:55:37 | 000,009,263 | ---- | C] () -- C:\Users\Michal\Desktop\WALUTA.ods
[2012-01-28 21:41:55 | 000,004,440 | ---- | C] () -- C:\Windows\jgdxdb-z.ini
[2012-01-28 21:41:55 | 000,001,441 | ---- | C] () -- C:\Windows\cwrmrb32.ini
[2011-10-23 22:51:03 | 000,000,852 | ---- | C] () -- C:\ProgramData\finanse.exe.ini
[2011-10-23 22:40:34 | 001,640,246 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-03-08 00:24:53 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010-04-30 04:17:37 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010-04-30 04:17:37 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010-04-30 04:17:37 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010-04-30 03:42:23 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010-04-30 03:42:23 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011-08-17 20:49:46 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Asus WebStorage
[2012-01-04 22:46:59 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Babylon
[2011-08-18 19:51:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Gadu-Gadu 10
[2011-08-17 20:42:46 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Nuance
[2011-10-25 10:59:09 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenCandy
[2011-08-21 18:29:09 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenFM
[2012-03-01 18:22:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\OpenOffice.org
[2012-03-07 13:11:00 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\SoftGrid Client
[2011-12-04 11:49:11 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\TP
[2011-08-24 19:02:24 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Uqeszu
[2011-08-17 20:42:41 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Zeon
[2012-03-11 14:26:25 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >