Problem z Wyłaczeniem laptopa

Wszystko co nie było zgodne z regulaminem forum
gumak9

Użytkownik
Posty: 8
Rejestracja: 24 wrz 2013, 22:36

Problem z Wyłaczeniem laptopa

Post25 wrz 2013, 15:06

Witam!
Mam problem, a mianowicie nie moge wylaczyc laptopa. klikam zamknil , ekran gasnie ale caly czas laptop chodzi. tzn dysk twardy. czasami przed samym wygasnieciem ekranu pokazuje mi sie komunikat o tym ze program MS_WebcheckMonitor wciaz jest uruchomiony. No i wlasnie ten program ( chociaz na niektorych forah pisza ze to wirus) mnie niepokoi. Prosze o pomoc. Wrzycam tutaj wyniki skanu OTL- em moze to cos pomoze. Jeszcze raz prosze o pomoc.
Extras.txt:
OTL Extras logfile created on: 2013-09-24 22:12:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

3,59 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 66,01% Memory free
4,65 Gb Paging File | 3,12 Gb Available in Paging File | 67,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 130,09 Gb Free Space | 69,83% Space Free | Partition Type: NTFS
Drive D: | 258,44 Gb Total Space | 129,81 Gb Free Space | 50,23% Space Free | Partition Type: NTFS

Computer Name: GUMAK | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1273210352-1551443763-1818612932-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- "D:\Programy\NapiProjekt\napisy.exe" "%1" ()
Directory [napiprojekt0] -- "D:\Programy\NapiProjekt\napisy.exe" "%1" -pobierz_ang ()
Directory [Winamp.Bookmark] -- "D:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programy\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{098CD2B5-B395-41B5-AF77-79F1AFF2A402}" = rport=137 | protocol=17 | dir=out | app=system |
"{111E0565-9552-4846-BA1D-941FE084545E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2260F248-FFAA-4BED-AA7F-B2BC06D5C2D1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41EEB13D-2B10-498B-BAF2-1ED9DE81BF51}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{443FA99D-4494-4519-BA12-35EDEB395D90}" = rport=138 | protocol=17 | dir=out | app=system |
"{4767A203-D8F3-4918-B735-299E8E35ED8F}" = lport=445 | protocol=6 | dir=in | app=system |
"{4B5C4F5D-992D-4490-A517-B0A738ACC2E7}" = rport=139 | protocol=6 | dir=out | app=system |
"{588360B7-B201-4118-AEAD-C0ACC5C3BF95}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{673D0EC5-5DED-4D7C-A0AD-99844FC2AE9B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6B0110D9-1BD0-42C4-9B0B-11B4E48CD312}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75B0A591-89A0-4DA3-A0B9-6409943ED5D8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77225AF6-8737-47E1-90D2-A806C6029896}" = lport=138 | protocol=17 | dir=in | app=system |
"{7A675D83-7F65-4559-BDF3-3DFF7FE4B0AB}" = lport=139 | protocol=6 | dir=in | app=system |
"{7EBF77AC-36E6-4B32-B00F-26C9FA0BEB45}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{882974CC-B6FD-475E-82B0-49C34137040D}" = lport=137 | protocol=17 | dir=in | app=system |
"{88ECCF18-0308-48B9-B0AA-3A1AF6C8352D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{939B99EE-ACC3-40BB-A350-39DAD3879BC9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A8691171-B9E5-434D-B863-B00B527F2A83}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAE75F5C-8809-491C-BF50-7CAB5E1EA762}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C3017DE4-EB59-4CA5-8B0D-1C6C3847A56A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CA9F1F54-40AD-4C94-9535-0E2A817D74EC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DAAAC936-43B6-4C00-A5EF-F5F851470174}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DEF88821-4B38-4416-9436-B4E1A78A6323}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F287ED8C-7E7C-4366-9ED6-520FC7080AC0}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0172ECA3-4E14-407A-B63A-49FC9908D1DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{04004E2F-8D23-46A6-B5B6-A2CB7F71AB6C}" = dir=out | name=skype |
"{057B3DF6-9665-41C6-9F9F-BB691653BFD3}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{17277524-CC9D-497C-A588-E2E966FC36AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{19C628EC-D591-4433-AEE3-5CA469C96CC3}" = dir=out | name=windows_ie_ac_001 |
"{1F176FE2-697E-4A5C-9735-C80321109D4A}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{2408118E-310A-4EC5-8EF2-EB6F561AA9D5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A4EE589-4DE8-40BB-AB37-55FA7773A517}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C488FFC-597B-4309-B84F-389595662E46}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{2F040B93-8429-478A-ADEF-EC499918740A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3331D2DE-9311-4A07-BCE9-7A280A54B4C1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{354C026D-7E10-4171-A113-4BE0D8495375}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{37AEF32A-1D08-4BDA-A20E-0C02E0E03117}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3BA206DB-7113-444E-A7B7-E65DCB6E2827}" = dir=in | app=c:\users\mateusz\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{3F55E91E-340E-4F14-AEBB-7B47E3818201}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{412E15A9-48BE-4D13-8299-1B908D8E4B10}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{428B688E-8BE0-46FB-A214-F9B3B1A0834A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4596B0EB-88BF-4033-8FF8-45EE858E3108}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{49A97CC1-CEEE-4E4F-BF8D-AA59C3A124F2}" = dir=in | app=c:\users\mateusz\appdata\local\microsoft\skydrive\skydrive.exe |
"{4DBB21EC-430D-4817-A9E3-F87D25EF86D8}" = dir=out | name=fresh paint |
"{5091F473-A0C0-4B1E-BA56-C001A0805FFC}" = protocol=6 | dir=in | app=d:\gry\activision\call of duty - world at war\codwawmp.exe |
"{510BC747-4DEB-4C68-8CBE-D35D51845956}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{51C35F57-7DE2-4F4B-9EDB-ACE52BCCD1AA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{553B958D-84D1-4209-82FB-7F3618A6AD78}" = protocol=17 | dir=in | app=d:\gry\activision\call of duty - world at war\codwaw.exe |
"{572302D6-7DF2-40BB-AD77-BB6A1E22EB40}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{5CA398D0-ECE6-4BFC-BCCA-225F9AFFC415}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{5EB672DC-6824-4C3C-82FE-2DBBB4224EAC}" = protocol=6 | dir=in | app=d:\programy\napiprojekt\napisy.exe |
"{62E97516-F747-4A73-BC3A-C041D92DBEB3}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{64724E16-C013-415C-BCE8-8D2AD3CD3DDF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{71C08295-3683-4685-88AF-4A28CE42ED37}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73476018-0BF2-4AA0-B7A3-23823F6445A4}" = dir=out | name=wordament |
"{73594A60-D2CC-4278-9EA6-38280010DFA0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8423B18B-F8A3-453A-A6A4-81A3ACDD609F}" = dir=in | name=skype |
"{85B3333B-485B-4ECC-841C-3A6688C6EA7D}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{909A13BA-D617-4712-962C-A60D4D154645}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{95868513-EC72-4483-8B85-E1DE3C582105}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{9B6184DB-FF81-4721-8695-10207E60FBD6}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{9ED82DBF-75DD-4B1A-857C-A768F59B5821}" = dir=out | app=d:\gry\czarnobyl 3\chunder.exe |
"{A0426CAD-5889-43BD-BF98-E623A26E49B8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{A1EC0F23-B5D2-4E0F-AFD3-9D6B54A08421}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{A4D1051A-A567-48A3-81DE-1DBF74105BCB}" = dir=out | name=taptiles |
"{A71FF9FB-A98B-4F1F-B9BD-223294782A29}" = protocol=6 | dir=in | app=d:\gry\activision\call of duty - world at war\codwaw.exe |
"{B395BCF1-F07D-4B71-B503-49A7D46339C7}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{B7B1E2DE-8270-44FE-A6D1-FBD53D3FAF9D}" = protocol=6 | dir=out | app=system |
"{C35B9561-B7C7-4339-960F-CFAB894B8ED7}" = protocol=17 | dir=in | app=d:\gry\activision\call of duty - world at war\codwawmp.exe |
"{CA5FA2B5-108E-4E84-9B11-2E421FE3EECA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D130EFC8-98F0-4CAD-BA46-C530AFE282D3}" = dir=out | name=adera |
"{D42FCDAC-CD18-4D37-93D4-DDDEACDC2BE2}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{D86E7AEF-4A7A-4E23-B055-D7B07EBD9B46}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{DF1D901D-748D-4B84-8159-348100796289}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E013FE51-19AD-4661-9094-897A936E0A62}" = dir=out | name=microsoft solitaire collection |
"{E3358D4E-D875-485F-AD44-4684A6908C16}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E40FFD5C-3BF7-4B02-B28D-DF237D131E1A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E973D87A-F4E1-4DC5-9F30-A0D6D1329272}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{ED476402-D9C9-4FBC-8A5B-291B1B3405C3}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{EF5E1F7C-86E5-4597-849D-BC3849D3943A}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F3FE9F18-D8DE-4597-84F6-4C56C6F0706E}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{FCAF12EB-6C4D-47DA-A067-2CBB8E8998E7}" = protocol=17 | dir=in | app=d:\programy\napiprojekt\napisy.exe |
"TCP Query User{004AC837-681A-4AAD-AAE3-3DE8F60E446F}D:\programy\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programy\winamp\winamp.exe |
"TCP Query User{2EAF88C4-47CE-416D-8D17-8DC9E0A2665B}D:\programy\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\programy\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{414D4DA0-5DAC-46AB-86A7-DF30F817B15C}D:\programy\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\programy\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{68944D6B-1CA2-48CA-81A7-335B4064E595}D:\programy\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programy\winamp\winamp.exe |
"TCP Query User{B372848D-B2E0-4414-993B-01C4E41F899A}D:\gry\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\gry\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{072305AC-3E57-402C-9822-E78AA1F7932B}D:\programy\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\programy\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{0F1FE9CD-B967-4F4D-9180-24B13602691C}D:\programy\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\programy\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{9E48AAC3-C7CE-4DB2-97AB-9689E098675F}D:\gry\electronic arts\crytek\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\gry\electronic arts\crytek\crysis 2\bin32\crysis2.exe |
"UDP Query User{B1F912B4-815D-461D-89F4-E32472DB3666}D:\programy\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programy\winamp\winamp.exe |
"UDP Query User{B3A31FA0-4464-4F35-B977-9163EF02A408}D:\programy\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programy\winamp\winamp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00A80CD3-3F2D-9A25-5946-9CDCD9720825}" = CCC Help German
"{02679CA8-A830-AD29-AB87-077E5FE9EA30}" = CCC Help Swedish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2A59C2D0-401A-D15A-D458-534FD7653B01}" = CCC Help Portuguese
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35ACEB92-8B41-06E1-3A41-A8389171B3AE}" = CCC Help Thai
"{3640874B-3C05-E28B-BF00-D8FF4F2D0595}" = CCC Help Dutch
"{4BF6FA51-9027-2521-7555-C5D1906E3AC1}" = CCC Help Korean
"{4D3286A6-F6AB-498A-82A4-E4F040529F3D}" = ASUS Smart Gesture
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{568E8031-C40A-45CB-9285-FC34D9279BEA}" = CCC Help French
"{58172D66-2F69-4215-9AEC-ED8196023736}" = ASUS Tutor
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6C99355D-2CBC-76F1-5AB2-49E1FFE7410B}" = CCC Help Greek
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749F674B-2674-47E8-879C-5626A06B2A91}" = ASUS InstantOn
"{755D0C0E-5706-52B9-4A97-C207B4D9672B}" = CCC Help Chinese Standard
"{7664300B-FB27-2073-40F9-84D4A24C84A6}" = CCC Help Hungarian
"{8249C881-0FAC-9363-E893-A1AB84498B65}" = Catalyst Control Center Graphics Previews Common
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}" = ASUS Instant Connect
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A584509-37E8-6022-4305-59629A892605}" = Catalyst Control Center Localization All
"{8CF5741E-D997-705A-DFE9-D0B5BA73C0EE}" = CCC Help Spanish
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0415-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{B245D1AB-AB90-9404-C01B-8D487BD99421}" = Catalyst Control Center InstallProxy
"{B48CC4AF-D5C0-5691-E4DE-B7733EC3813D}" = CCC Help Finnish
"{B5A9AAD1-4F23-7204-326D-F9BEF9386A06}" = CCC Help Italian
"{B90E4381-BFE2-3E0D-8349-C894A763A16C}" = CCC Help Japanese
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BFDDF42D-D76E-03D0-1998-417DE6136E56}" = CCC Help Danish
"{CDDCE9E6-0FD8-0555-E739-15A221AE22BE}" = CCC Help Polish
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DAAB5117-31F3-1FCB-F271-83E26592B139}" = CCC Help Russian
"{DB5FFCB9-8B40-CB91-A689-5A25B1A7CABB}" = CCC Help English
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E72F1051-B87E-4EF4-AE9F-8FDD229CC438}" = Catalyst Control Center - Branding
"{ECC69DF0-0A86-0389-5633-B6912F3E99D6}" = CCC Help Norwegian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE877592-4C1B-42E3-907B-141E48163E05}" = SlimDrivers
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin
"{F17D78B2-FCC7-9C6E-23F5-F184596802B4}" = CCC Help Czech
"{F9E4DA6D-422C-C5A3-A54E-A5951D312196}" = AMD VISION Engine Control Center
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FD9F1C73-16B3-70CA-A45D-84253DBD74C5}" = CCC Help Chinese Traditional
"{FE8D0D5E-565F-FB7A-E849-7D185EAB8C4F}" = CCC Help Turkish
"ALLPlayer_is1" = ALLPlayer V4.X
"Asus Vibe2.0" = AsusVibe2.0
"AutoItv3" = AutoIt v3.3.8.1
"avast" = avast! Free Antivirus
"bi_uninstaller" = Bundled software uninstaller
"FilesFrog Update Checker" = FilesFrog Update Checker
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"NapiProjekt_is1" = NapiProjekt (2.1.1.2314)
"Prototype_R.G. Mechanics_is1" = Prototype
"UltraISO_is1" = UltraISO Premium V9.52
"uTorrent" = µTorrent
"uTorrentControl_v6 Toolbar" = uTorrentControl_v6 Toolbar
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1273210352-1551443763-1818612932-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Winamp Detect" = Detektor Winampa

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-09-12 16:23:31 | Computer Name = Gumak | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: atieclxx.exe, wersja: 6.14.11.1143,
sygnatura czasowa: 0x5143523e Nazwa modułu powodującego błąd: atieclxx.exe, wersja:
6.14.11.1143, sygnatura czasowa: 0x5143523e Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000000000002ea19 Identyfikator procesu powodującego błąd: 0x1134 Godzina
uruchomienia aplikacji powodującej błąd: 0x01ceaff5f186f266 Ścieżka aplikacji powodującej
błąd: C:\Windows\system32\atieclxx.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\atieclxx.exe
Identyfikator
raportu: 307273b5-1be9-11e3-bee3-08606e4b99c4 Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error - 2013-09-13 03:22:18 | Computer Name = Gumak | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 2013-09-14 06:35:56 | Computer Name = Gumak | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 2013-09-14 23:12:55 | Computer Name = Gumak | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 2013-09-15 16:54:00 | Computer Name = Gumak | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: atieclxx.exe, wersja: 6.14.11.1143,
sygnatura czasowa: 0x5143523e Nazwa modułu powodującego błąd: atieclxx.exe, wersja:
6.14.11.1143, sygnatura czasowa: 0x5143523e Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000000000002ea19 Identyfikator procesu powodującego błąd: 0x1418 Godzina
uruchomienia aplikacji powodującej błąd: 0x01ceb255b39ed9f7 Ścieżka aplikacji powodującej
błąd: C:\Windows\system32\atieclxx.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\atieclxx.exe
Identyfikator
raportu: f1906cb5-1e48-11e3-bee8-08606e4b99c4 Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error - 2013-09-16 01:44:06 | Computer Name = Gumak | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 2013-09-16 17:34:04 | Computer Name = Gumak | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: atieclxx.exe, wersja: 6.14.11.1143,
sygnatura czasowa: 0x5143523e Nazwa modułu powodującego błąd: atieclxx.exe, wersja:
6.14.11.1143, sygnatura czasowa: 0x5143523e Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000000000002ea19 Identyfikator procesu powodującego błąd: 0x1464 Godzina
uruchomienia aplikacji powodującej błąd: 0x01ceb32476f6bc32 Ścieżka aplikacji powodującej
błąd: C:\Windows\system32\atieclxx.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\atieclxx.exe
Identyfikator
raportu: b536e9bb-1f17-11e3-beec-08606e4b99c4 Pełna nazwa pakietu powodującego błąd:
Identyfikator aplikacji względem pakietu powodującego błąd:

Error - 2013-09-17 02:03:41 | Computer Name = Gumak | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 2013-09-17 14:42:57 | Computer Name = Gumak | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE w wersji 6.2.9200.16628 przestał współpracować
z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej
informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum
akcji w Panelu sterowania. Identyfikator procesu: 994 Godzina rozpoczęcia: 01ceb3c48e88f7d4

Godzina
zakończenia: 0 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu:
f1adbc76-1fc8-11e3-bef2-08606e4b99c4 Pełna nazwa pakietu powodującego błąd: Identyfikator
aplikacji względem pakietu powodującego błąd:

Error - 2013-09-18 01:49:41 | Computer Name = Gumak | Source = Office 2013 Licensing Service | ID = 0
Description =

[ System Events ]
Error - 2013-09-17 16:44:49 | Computer Name = Gumak | Source = sptd | ID = 262148
Description = Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla .

Error - 2013-09-17 16:44:54 | Computer Name = Gumak | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 2013-09-17 16:45:08 | Computer Name = Gumak | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 22:39:40 na ?2013-?09-?17 było
nieoczekiwane.

Error - 2013-09-17 16:45:16 | Computer Name = Gumak | Source = Application Popup | ID = 875
Description =

Error - 2013-09-17 16:45:16 | Computer Name = Gumak | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275

Error - 2013-09-18 01:39:05 | Computer Name = Gumak | Source = sptd | ID = 262148
Description = Sterownik wykrył błąd wewnętrzny w swoich strukturach danych dla .

Error - 2013-09-18 01:39:08 | Computer Name = Gumak | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 2013-09-18 01:39:22 | Computer Name = Gumak | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 22:45:08 na ?2013-?09-?17 było
nieoczekiwane.

Error - 2013-09-18 01:39:39 | Computer Name = Gumak | Source = Application Popup | ID = 875
Description =

Error - 2013-09-18 01:39:39 | Computer Name = Gumak | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275


< End of report >
OTL.exe
OTL logfile created on: 2013-09-24 22:12:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd

3,59 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 66,01% Memory free
4,65 Gb Paging File | 3,12 Gb Available in Paging File | 67,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186,30 Gb Total Space | 130,09 Gb Free Space | 69,83% Space Free | Partition Type: NTFS
Drive D: | 258,44 Gb Total Space | 129,81 Gb Free Space | 50,23% Space Free | Partition Type: NTFS

Computer Name: GUMAK | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-09-24 22:09:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe
PRC - [2013-09-17 09:17:14 | 029,395,264 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2013-09-17 05:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-06-03 23:39:37 | 001,045,072 | ---- | M] (BitTorrent Inc.) -- D:\Programy\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013-05-10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-10-31 12:09:50 | 000,020,352 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
PRC - [2012-08-07 00:56:14 | 000,590,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
PRC - [2012-08-04 02:31:12 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012-07-25 19:53:18 | 001,558,176 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012-07-25 04:21:22 | 001,123,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012-07-24 04:59:02 | 000,105,120 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2012-07-18 02:54:20 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012-07-06 21:23:40 | 000,322,208 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012-05-28 20:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012-04-13 20:14:00 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
PRC - [2012-03-29 04:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012-02-02 17:16:56 | 002,671,936 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\Daemon Tools Pro\DTShellHlp.exe
PRC - [2011-11-22 00:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011-03-14 17:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe


========== Modules (No Company Name) ==========

MOD - [2013-09-19 21:54:05 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\1f8e89f1344171031271d80ff21366ec\UIAutomationTypes.ni.dll
MOD - [2013-09-17 05:21:27 | 000,410,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
MOD - [2013-09-17 05:21:26 | 013,611,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
MOD - [2013-09-17 05:21:25 | 004,053,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013-09-17 05:20:34 | 000,709,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
MOD - [2013-09-17 05:20:33 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll
MOD - [2013-09-17 05:20:31 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
MOD - [2013-08-17 11:15:56 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\624ad6159b6e241ad6d28bf4dca9f14b\System.Xml.ni.dll
MOD - [2013-08-17 11:15:41 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\123cf617d7b6b31c44e39f8594f064c5\System.Xaml.ni.dll
MOD - [2013-08-17 11:15:38 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3143512c68ba24d18b7444b13fae2abb\System.Windows.Forms.ni.dll
MOD - [2013-08-17 11:14:28 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3603744988436295da5d16e76038e484\System.Drawing.ni.dll
MOD - [2013-08-17 11:14:08 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\19ecec839509af76b1bc0ccbabd60acd\System.Configuration.ni.dll
MOD - [2013-08-17 11:14:05 | 000,467,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\cb65dcc8c60f33d257283ef1416a2175\PresentationFramework.Aero2.ni.dll
MOD - [2013-08-17 11:14:04 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\972bf4ffab06e561447d12baf3b3dfa9\PresentationFramework.ni.dll
MOD - [2013-08-17 11:13:28 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b504b7cd800dcd6c06d841d94ca099a\PresentationCore.ni.dll
MOD - [2013-08-17 11:13:07 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8ff5be01c9600b28d3e41db3dbafc840\WindowsBase.ni.dll
MOD - [2013-08-17 11:12:42 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\375a937eec7d6faa53ac11ab2973eb76\System.ni.dll
MOD - [2013-07-14 11:55:41 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\5e3a9f3d64adfb3c69b49d37368bf454\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV - [2013-05-10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-09-20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012-07-26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012-07-24 04:59:02 | 000,105,120 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2012-04-13 20:14:00 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011-11-22 00:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011-03-14 17:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)


========== Driver Services (SafeList) ==========

DRV - [2011-09-07 19:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2010-01-29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- D:\Programy\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009-07-03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dostępne tylko dla zarejestrowanych użytkowników
IE - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
Dostępne tylko dla zarejestrowanych użytkowników

IE - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001\..\SearchScopes\{DD4615C2-6E9C-4384-8270-627C1CF17403}: "URL" = Dostępne tylko dla zarejestrowanych użytkowników{searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN26451629281606220&UM=1
IE - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mateusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: \r\nhttp://www.idg.pl/start\r\n
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Mateusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - Extension: Dokumenty Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: ssavveenshAree = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\capdlhlojldoppgomfgbhaibkedhjjcd\1\
CHR - Extension: Szukaj w Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-07-26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\gry\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001\..\Toolbar\WebBrowser: (uTorrentControl_v6 Toolbar) - {96F454EA-9D38-474F-B504-56193E00C1A5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001..\Run: [ALLUpdate] D:\Gry\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\Daemon Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001..\Run: [Facebook Update] C:\Users\Mateusz\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001..\Run: [SDP] C:\Users\Mateusz\AppData\Local\FilesFrog Update Checker\update_checker.exe (Somoto)
O4 - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001..\Run: [uTorrent] D:\Programy\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-1273210352-1551443763-1818612932-1001..\Run: [WindowsUpdate] C:\Users\Mateusz\AppData\Local\Temp\data\Microsoft.vbs ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD34210D-680E-40FB-A167-E74D679B41BF}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{05922762-14b6-11e3-beca-08606e4b99c4}\Shell - "" = AutoRun
O33 - MountPoints2\{05922762-14b6-11e3-beca-08606e4b99c4}\Shell\AutoRun\command - "" = "G:\AutoRun.exe"
O33 - MountPoints2\{71337e93-d50f-11e2-be7f-08606e4b99c4}\Shell - "" = AutoRun
O33 - MountPoints2\{71337e93-d50f-11e2-be7f-08606e4b99c4}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{7bbab8f9-ceaf-11e2-be79-08606e4b99c4}\Shell - "" = AutoRun
O33 - MountPoints2\{7bbab8f9-ceaf-11e2-be79-08606e4b99c4}\Shell\AutoRun\command - "" = "F:\setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-09-18 11:22:16 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\SlimWare Utilities Inc
[2013-09-18 11:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
[2013-09-18 11:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2013-09-18 11:21:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2013-09-17 21:36:08 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Bundled software uninstaller
[2013-09-17 21:36:07 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[2013-09-17 21:36:06 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\FilesFrog Update Checker
[2013-09-13 09:24:52 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\NapiProjekt
[2013-09-13 09:22:44 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Programs
[2013-09-03 18:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2013-09-02 19:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
[2013-09-02 19:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoIt3
[2013-09-01 07:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2013-09-01 07:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
[2013-09-01 07:52:31 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\My ISO Files
[2013-08-31 18:46:11 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Cyberlink
[2013-08-31 18:46:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Documents\CyberLink
[2013-08-31 18:46:03 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\CyberLink
[2013-08-31 18:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013-08-31 14:05:55 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools
[2013-08-28 21:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013-08-28 21:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013-08-28 21:00:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013-08-28 20:59:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013-08-28 20:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013-08-28 20:55:26 | 000,000,000 | ---D | C] -- C:\AMD
[2013-08-28 20:11:19 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AppEx Networks
[2013-08-27 23:09:06 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\AMD
[2013-08-27 17:14:25 | 000,000,000 | ---D | C] -- C:\swsetup
[2013-08-27 09:50:30 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2013-08-27 09:50:30 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\PAYDAY
[2013-08-27 09:44:58 | 000,071,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\physxloader.dll
[2013-08-27 09:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-09-24 21:59:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-09-24 21:59:43 | 000,000,426 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013-09-24 21:59:25 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-09-24 21:57:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013-09-24 21:57:47 | 3081,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2013-09-24 21:49:06 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-09-24 18:40:02 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1273210352-1551443763-1818612932-1001UA.job
[2013-09-24 18:40:01 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1273210352-1551443763-1818612932-1001Core.job
[2013-09-21 10:59:55 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-09-18 11:21:17 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2013-09-13 09:24:52 | 000,000,694 | ---- | M] () -- C:\Users\Mateusz\Desktop\NapiProjekt.lnk
[2013-09-01 16:28:49 | 000,000,017 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\resmon.resmoncfg
[2013-09-01 07:52:36 | 000,000,661 | ---- | M] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013-08-27 09:44:59 | 000,071,008 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\physxloader.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-09-18 11:22:20 | 000,000,426 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2013-09-18 11:21:17 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
[2013-09-13 09:24:52 | 000,000,694 | ---- | C] () -- C:\Users\Mateusz\Desktop\NapiProjekt.lnk
[2013-09-01 16:28:49 | 000,000,017 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\resmon.resmoncfg
[2013-09-01 07:52:36 | 000,000,661 | ---- | C] () -- C:\Users\Public\Desktop\UltraISO.lnk
[2013-06-18 12:23:35 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013-06-18 12:23:35 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013-04-25 23:29:40 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013-04-25 23:29:40 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2012-11-27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012-11-06 07:26:59 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012-11-06 07:09:35 | 000,040,958 | ---- | C] () -- C:\Windows\SysWow64\drivers\RT3298.BIN
[2012-11-06 07:09:35 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012-11-06 07:00:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012-08-24 09:58:23 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012-08-24 09:58:23 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012-08-24 09:58:23 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012-08-05 03:42:20 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012-08-05 03:42:20 | 000,000,217 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012-07-26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012-07-26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012-07-26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012-07-26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012-07-25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012-07-25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012-07-25 22:22:56 | 000,267,284 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012-07-25 22:22:54 | 000,963,376 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012-06-02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2012-11-06 08:09:11 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-03-06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-03-06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012-07-26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012-07-26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012-07-26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-06-11 17:23:21 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ASUS
[2013-06-03 04:04:51 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ASUS WebStorage
[2013-08-31 14:05:55 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools
[2013-06-06 15:51:22 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Pro
[2013-09-13 09:25:57 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\NapiProjekt
[2013-06-11 10:13:40 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Prototype
[2013-09-24 22:25:13 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >

-- 24 wrz 2013, 22:48 --

Dodam ze moj system to windows 8 64 bit a program antywirusowy ktory nic nie znajduje to Avast,
Pozdrawiam

Dubel :arrow: Śmietnik,
XMan.
Na górę

  • Reklama

Wróć do „Śmietnik”



Kto jest online

Użytkownicy przeglądający to forum: Obecnie na forum nie ma żadnego zarejestrowanego użytkownika i 1 gość