x-kom hosting

problem z usunięciem pliku

phiuz
utworzono
utworzono

Witam. Mam pewien problem. Ściągnąłem dziś jakąś lewą fifę manager 2011 i zamontowałem jej obraz iso w deamonie. Niestety instalacja nie powiodła się, ponieważ wyskakiwał mi trojan. Postanowiłem więc usunąć ją, lecz nie można, ponieważ system rzekomo używa tego pliku. Wyłączyłem explorer i uruchomiłem total commandera, jednak to też mi nie pomogło. Nie można usunąc pliku, trzeba usunąć jakieś tam zabezpieczenie. Nie mam już więcej pomysłów jak rozwiązać ten problem. Co mam robić? Z góry dziękuję za rady.

wirusolog
komentarz
komentarz

O jaki chodzi Ci dokładnie plik (podaj dokładną ścieżkę pliku) ?
Pokaż też log z [url=http://www.forumpc.pl/index.php?showtopic=104338][b][color=blue][u]OTL[/url][/b][/color][/u] tak na wszelki wypadek.

  • Dobra wypowiedź 1
phiuz
komentarz
komentarz (edytowane)

jest to plik iso, znajduje się w folderze pobrane (hp). przez regedit też nie mogę usunąć.

[log]zysOTL logfile created on: 2011-09-24 12:42:35 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\płydki
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,75 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 41,62% Memory free
7,49 Gb Paging File | 4,97 Gb Available in Paging File | 66,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,88 Gb Total Space | 401,63 Gb Free Space | 89,08% Space Free | Partition Type: NTFS
Drive D: | 14,58 Gb Total Space | 1,80 Gb Free Space | 12,33% Space Free | Partition Type: NTFS

Computer Name: HP-HP | User Name: Hp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - File not found --
PRC - [2011-09-24 12:41:29 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\płydki\OTL.exe
PRC - [2011-08-31 11:59:14 | 000,274,216 | ---- | M] (Conduit Ltd.) -- C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
PRC - [2011-06-21 07:37:00 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
PRC - [2011-01-22 03:42:04 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010-12-13 13:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010-12-10 23:02:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010-11-22 14:27:00 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2010-11-22 14:20:48 | 002,736,128 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2010-11-09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010-11-09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010-11-03 17:12:54 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010-11-03 17:07:10 | 000,769,592 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2010-05-14 12:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2010-04-23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010-04-23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010-04-23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-09-24 12:41:29 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\płydki\OTL.exe
MOD - [2011-09-24 11:19:05 | 000,311,248 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\Hp\AppData\Local\Temp\BC4D.tmp
MOD - [2011-09-23 09:11:20 | 000,888,248 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110923.030\Scxpx86.dll
MOD - [2011-08-31 12:01:48 | 004,322,600 | ---- | M] (Conduit Ltd.) -- C:\Users\Hp\AppData\LocalLow\uTorrentBar\tbuTor.dll
MOD - [2011-08-31 11:59:14 | 000,274,216 | ---- | M] (Conduit Ltd.) -- C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
MOD - [2011-08-31 11:59:10 | 000,689,960 | ---- | M] (Conduit Ltd.) -- C:\Users\Public\Conduit\ConduitHelper\ELib.dll
MOD - [2011-08-03 19:52:06 | 002,291,128 | R--- | M] (Siber Systems) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\rf.dll
MOD - [2011-08-03 19:52:05 | 000,563,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IVPlugin.dll
MOD - [2011-07-22 08:38:01 | 005,989,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
MOD - [2011-07-16 06:30:27 | 001,048,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 06:30:27 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-06-29 16:27:10 | 000,870,328 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coUICtlr.dll
MOD - [2011-06-29 08:01:40 | 000,256,808 | ---- | M] (Conduit Ltd.) -- C:\Users\Hp\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll
MOD - [2011-06-23 16:20:46 | 000,638,560 | ---- | M] (Conduit Ltd.) -- C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll
MOD - [2011-06-21 07:37:00 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
MOD - [2011-06-21 07:36:36 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2011-06-21 07:36:33 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2011-06-21 07:35:27 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeeds.dll
MOD - [2011-06-21 07:34:49 | 002,072,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2011-06-21 07:34:49 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
MOD - [2011-06-21 07:34:48 | 010,989,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
MOD - [2011-06-21 07:34:48 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iepeers.dll
MOD - [2011-06-21 07:34:48 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2011-06-16 06:35:50 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2011-06-07 19:39:40 | 000,064,936 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\EFACli.dll
MOD - [2011-05-24 12:34:20 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 12:34:20 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011-05-24 12:34:00 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-05-09 11:49:38 | 000,176,936 | ---- | M] (Conduit Ltd.) -- C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
MOD - [2011-05-04 12:21:28 | 001,045,432 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\MUI\18.6.0.29\15\01\cltRes.loc
MOD - [2011-05-04 06:53:10 | 001,553,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tquery.dll
MOD - [2011-04-29 02:29:50 | 000,650,680 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\UIALERT.DLL
MOD - [2011-04-29 02:29:44 | 000,518,072 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\RuleUI.dll
MOD - [2011-04-29 02:29:37 | 000,368,056 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\NPCTRAY.DLL
MOD - [2011-04-29 02:29:36 | 000,573,880 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\NPCStats.dll
MOD - [2011-04-29 02:29:28 | 000,528,824 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\NAVLOGV.dll
MOD - [2011-04-29 02:29:25 | 000,110,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\isPwd.dll
MOD - [2011-04-29 02:29:22 | 000,733,624 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\isDataPr.dll
MOD - [2011-04-29 02:29:20 | 000,122,296 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\hsui.dll
MOD - [2011-04-29 02:29:14 | 000,292,280 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\FWSESAL.DLL
MOD - [2011-04-29 02:29:09 | 000,402,872 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\cltui.dll
MOD - [2011-04-29 02:29:06 | 000,382,392 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\AVPAPP32.DLL
MOD - [2011-04-29 02:29:03 | 000,471,480 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\AVIfc.dll
MOD - [2011-04-29 02:29:01 | 000,413,112 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\ASOEHOOK.DLL
MOD - [2011-04-29 02:29:01 | 000,413,112 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\ASHELPER.DLL
MOD - [2011-04-29 02:28:59 | 000,269,240 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\AppMgr32.dll
MOD - [2011-04-29 00:33:44 | 000,681,400 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coWPPlg.dll
MOD - [2011-04-29 00:33:37 | 000,193,976 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\coParse.dll
MOD - [2011-04-29 00:33:36 | 001,207,736 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\ACCTMGR.DLL
MOD - [2011-04-29 00:33:29 | 000,436,152 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
MOD - [2011-04-29 00:33:25 | 000,388,024 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coDataPr.dll
MOD - [2011-04-27 11:37:56 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2011-04-26 22:21:00 | 000,137,672 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\cltWzHlp.dll
MOD - [2011-04-26 22:20:55 | 000,151,496 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\cltElPrv.dll
MOD - [2011-04-26 22:20:53 | 000,052,680 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\cltRDUrl.dll
MOD - [2011-04-26 22:20:52 | 000,145,864 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\cltNAHD.dll
MOD - [2011-04-26 22:20:51 | 000,830,408 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\CLTALDIS.DLL
MOD - [2011-04-26 22:20:50 | 000,126,920 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\cltLMC.dll
MOD - [2011-04-17 02:57:12 | 000,675,712 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccL100U.dll
MOD - [2011-04-17 02:45:33 | 000,291,712 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccGEvt.dll
MOD - [2011-04-17 02:45:32 | 000,387,968 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\CCJOBMGR.DLL
MOD - [2011-04-17 02:45:29 | 000,158,592 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccIPC.dll
MOD - [2011-04-17 02:45:12 | 000,085,376 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccVrTrst.dll
MOD - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
MOD - [2011-04-17 02:45:10 | 000,268,672 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSet.dll
MOD - [2011-04-17 02:45:10 | 000,141,184 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvc.dll
MOD - [2011-04-05 03:25:18 | 000,389,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\srtsp32.dll
MOD - [2011-03-31 05:01:20 | 000,210,872 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
MOD - [2011-03-03 07:29:23 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-03-02 22:24:48 | 002,698,680 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\SYMHTML.DLL
MOD - [2011-02-18 07:35:35 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
MOD - [2011-02-16 12:18:32 | 000,338,360 | R--- | M] (Symantec Corporation) -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\18.6.0.29\SDKCMN.DLL
MOD - [2011-01-22 12:17:18 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2011-01-22 12:12:19 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-01-22 12:12:19 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-01-22 12:10:37 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2011-01-22 12:10:22 | 001,413,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2011-01-22 12:09:22 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\asycfilt.dll
MOD - [2011-01-22 12:07:52 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2011-01-22 12:01:24 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2011-01-22 11:56:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2011-01-22 11:56:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\comctl32.dll
MOD - [2011-01-22 11:55:34 | 012,867,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2011-01-22 11:54:00 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
MOD - [2011-01-22 04:04:37 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Java\jre6\bin\MSVCR71.dll
MOD - [2011-01-22 04:04:37 | 000,041,760 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
MOD - [2011-01-22 04:02:17 | 000,052,920 | ---- | M] (EasyBits Software Corp.) -- C:\Windows\SysWOW64\ezUPBHook.dll
MOD - [2011-01-22 03:42:04 | 006,071,760 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\Flash10l.ocx
MOD - [2011-01-22 03:42:04 | 000,311,248 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.dll
MOD - [2011-01-22 03:42:04 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
MOD - [2011-01-17 07:38:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-12-21 07:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
MOD - [2010-12-21 07:36:16 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
MOD - [2010-12-18 07:31:23 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2010-12-13 13:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MOD - [2010-12-10 23:02:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
MOD - [2010-12-10 09:10:14 | 000,550,400 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
MOD - [2010-12-10 08:57:34 | 003,460,096 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
MOD - [2010-12-10 08:39:42 | 004,122,624 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
MOD - [2010-12-10 08:23:10 | 000,028,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
MOD - [2010-11-22 14:20:48 | 002,736,128 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
MOD - [2010-11-22 14:00:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010-11-22 14:00:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010-11-22 14:00:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2010-11-09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MOD - [2010-11-09 16:20:34 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
MOD - [2010-11-03 17:09:28 | 000,790,072 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
MOD - [2010-11-02 06:35:35 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
MOD - [2010-11-02 06:35:34 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2010-11-02 06:35:34 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-10-27 06:40:22 | 001,293,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2010-09-21 15:08:38 | 000,439,168 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
MOD - [2010-09-21 15:06:02 | 000,853,912 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\wlidcli.DLL
MOD - [2010-09-21 15:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2010-08-17 11:14:26 | 000,910,704 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\CLT\cltLMSx.dll
MOD - [2010-06-26 07:14:29 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-05-14 12:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MOD - [2009-12-21 18:27:50 | 000,061,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MOD - [2009-12-21 18:27:44 | 000,075,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2009-07-14 03:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2009-07-14 03:16:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2009-07-14 03:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2009-07-14 03:16:19 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WinSCard.dll
MOD - [2009-07-14 03:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2009-07-14 03:16:17 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
MOD - [2009-07-14 03:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009-07-14 03:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 03:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009-07-14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2009-07-14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2009-07-14 03:16:13 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2009-07-14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2009-07-14 03:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 03:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\networkexplorer.dll
MOD - [2009-07-14 03:16:03 | 001,537,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NlsData0000.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 03:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2009-07-14 03:16:02 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NaturalLanguage6.dll
MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009-07-14 03:16:02 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009-07-14 03:15:47 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msrating.dll
MOD - [2009-07-14 03:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 03:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2009-07-14 03:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 03:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2009-07-14 03:15:32 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
MOD - [2009-07-14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2009-07-14 03:15:28 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
MOD - [2009-07-14 03:15:27 | 000,445,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009-07-14 03:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2009-07-14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 03:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
MOD - [2009-07-14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 03:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dinput.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll
MOD - [2009-07-14 03:15:09 | 000,854,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009-07-14 03:15:08 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2009-07-14 03:15:08 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3dim700.dll
MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009-07-14 03:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009-07-14 03:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 03:15:00 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2009-07-14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2009-07-14 03:14:08 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2009-07-14 03:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 03:11:23 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2009-07-14 03:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 03:11:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2009-07-14 03:11:21 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2009-07-14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009-07-14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
MOD - [2009-06-10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
MOD - [2009-06-10 23:23:11 | 000,554,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll
MOD - [2009-06-10 23:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll
MOD - [2009-06-10 23:14:54 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2010-12-10 09:05:42 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010-12-09 23:33:22 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2010-12-02 06:44:08 | 000,275,968 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2010-09-22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010-08-05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:[b]64bit:[/b] - [2010-07-21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:[b]64bit:[/b] - [2010-06-17 05:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011-04-17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2010-11-09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010-11-03 17:12:54 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010-06-19 03:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011-09-22 16:26:41 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2011-09-21 17:09:40 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2011-07-08 17:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2011-04-27 02:51:48 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2011-03-31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2011-03-31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:[b]64bit:[/b] - [2011-03-15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-01-27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2011-01-27 07:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2010-12-17 04:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2010-12-10 23:03:46 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2010-12-10 11:40:38 | 008,121,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010-12-10 08:24:20 | 000,291,328 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010-12-08 23:30:08 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:[b]64bit:[/b] - [2010-12-02 06:44:08 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2010-09-03 23:59:26 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-06-17 15:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2010-05-15 20:04:00 | 000,073,856 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:[b]64bit:[/b] - [2010-05-15 20:04:00 | 000,028,800 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:[b]64bit:[/b] - [2010-05-06 15:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2010-04-29 14:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:[b]64bit:[/b] - [2009-06-10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:[b]64bit:[/b] - [2009-06-10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011-09-23 09:11:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110923.030\IDSviA64.sys -- (IDSVia64)
DRV - [2011-09-09 17:47:18 | 001,152,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110909.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010-08-13 11:00:00 | 001,791,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\EX64.SYS -- (NAVEX15)
DRV - [2010-08-13 11:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010-08-13 11:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010-08-13 11:00:00 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20100813.009\ENG64.SYS -- (NAVENG)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.bing.com?pc=HPNTDF"]http://www.bing.com?pc=HPNTDF[/url]
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.bing.com?pc=HPNTDF"]http://www.bing.com?pc=HPNTDF[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.bing.com?pc=HPNTDF"]http://www.bing.com?pc=HPNTDF[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.bing.com?pc=HPNTDF"]http://www.bing.com?pc=HPNTDF[/url]
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.bing.com?pc=HPNTDF"]http://www.bing.com?pc=HPNTDF[/url]
IE - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://search.conduit.com?SearchSource=10&ctid=CT2786678"]http://search.conduit.com?SearchSource=10&ctid=CT2786678[/url]
IE - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011-09-23 14:52:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_1_3 [2011-09-24 10:40:39 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome ==========[/color]


O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [ConduitHelper] C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe (Conduit Ltd.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001..\Run: [AQQ] C:\PROGRA~2\WapSter\WAPSTE~1\AQQ.exe (Creative Team S.A.)
O4 - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-2591046978-4148710149-1025695225-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab[/url] (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C336A7A-3C2E-4542-9159-D4DCC2D3DA88}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-09-24 11:37:09 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2011-09-24 11:37:08 | 000,000,000 | ---D | C] -- C:\totalcmd
[2011-09-24 11:37:08 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\GHISLER
[2011-09-23 19:33:27 | 000,000,000 | ---D | C] -- C:\Data
[2011-09-23 16:36:34 | 000,000,000 | ---D | C] -- C:\Users\Hp\WapSter
[2011-09-23 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter
[2011-09-23 16:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\INTERIAPL
[2011-09-23 16:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WapSter
[2011-09-23 15:41:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011-09-22 16:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2011-09-22 16:41:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2011-09-22 16:41:41 | 000,000,000 | ---D | C] -- C:\Users\Hp\Documents\Sports Interactive
[2011-09-22 16:41:40 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Sports Interactive
[2011-09-22 16:41:40 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Sports Interactive
[2011-09-22 16:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011-09-22 16:30:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2011-09-22 16:29:54 | 000,000,000 | -H-D | C] -- C:\Users\Hp\InstallAnywhere
[2011-09-22 16:26:41 | 000,270,912 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011-09-22 16:26:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011-09-22 16:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011-09-22 16:26:08 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\DAEMON Tools Lite
[2011-09-22 16:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011-09-22 09:16:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011-09-22 09:16:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011-09-22 07:32:20 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Microsoft Games
[2011-09-21 21:29:16 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\CyberLink
[2011-09-21 21:29:15 | 000,000,000 | ---D | C] -- C:\Users\Hp\Documents\Youcam
[2011-09-21 21:29:15 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\CyberLink
[2011-09-21 21:17:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011-09-21 19:48:16 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\CrashDumps
[2011-09-21 19:39:27 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Google
[2011-09-21 19:39:27 | 000,000,000 | ---D | C] -- C:\extensions
[2011-09-21 19:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011-09-21 19:39:25 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Conduit
[2011-09-21 19:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentBar
[2011-09-21 19:37:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011-09-21 19:36:19 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\uTorrent
[2011-09-21 19:36:19 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\uTorrent
[2011-09-21 17:48:55 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\WildTangent
[2011-09-21 17:23:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2011-09-21 17:22:52 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Last.fm
[2011-09-21 17:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2011-09-21 17:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2011-09-21 17:17:56 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\foobar2000
[2011-09-21 17:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2011-09-21 17:16:05 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\WinRAR
[2011-09-21 17:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-09-21 17:16:01 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011-09-21 17:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011-09-21 17:07:59 | 000,000,000 | ---D | C] -- C:\płydki
[2011-09-21 17:05:06 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Diagnostics
[2011-09-21 14:47:28 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Macromedia
[2011-09-21 14:47:27 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Adobe
[2011-09-21 14:47:17 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\_MDLogs
[2011-09-16 14:56:28 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\AMD
[2011-09-16 14:56:20 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\ATI
[2011-09-16 14:56:20 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\ATI
[2011-09-16 14:55:18 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Synaptics
[2011-09-16 14:55:06 | 000,000,000 | R--D | C] -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011-09-16 14:55:06 | 000,000,000 | R--D | C] -- C:\Users\Hp\Searches
[2011-09-16 14:55:06 | 000,000,000 | R--D | C] -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011-09-16 14:55:00 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Identities
[2011-09-16 14:54:58 | 000,000,000 | R--D | C] -- C:\Users\Hp\Contacts
[2011-09-16 14:54:42 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\hpqlog
[2011-09-16 14:54:35 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\RemEngine
[2011-09-11 10:44:17 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Hewlett-Packard
[2011-09-11 10:44:14 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Hewlett-Packard
[2011-09-11 10:43:57 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Hewlett-Packard_Company
[2011-09-11 10:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011-09-11 10:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011-09-11 10:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011-09-11 10:42:12 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\VirtualStore
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Ustawienia lokalne
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\AppData\Local\Temporary Internet Files
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Szablony
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\SendTo
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Recent
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\PrintHood
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\NetHood
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Documents\Moje wideo
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Documents\Moje obrazy
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Moje dokumenty
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Documents\Moja muzyka
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Menu Start
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\AppData\Local\Historia
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Dane aplikacji
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\AppData\Local\Dane aplikacji
[2011-09-11 10:41:22 | 000,000,000 | -HSD | C] -- C:\Users\Hp\Cookies
[2011-09-11 10:41:17 | 000,000,000 | --SD | C] -- C:\Users\Hp\AppData\Roaming\Microsoft
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Videos
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Saved Games
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Pictures
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Music
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Links
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Favorites
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Downloads
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Documents
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\Desktop
[2011-09-11 10:41:17 | 000,000,000 | R--D | C] -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011-09-11 10:41:17 | 000,000,000 | -H-D | C] -- C:\Users\Hp\AppData
[2011-09-11 10:41:17 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Temp
[2011-09-11 10:41:17 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Local\Microsoft
[2011-09-11 10:41:17 | 000,000,000 | ---D | C] -- C:\Users\Hp\AppData\Roaming\Media Center Programs
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2011-09-11 10:40:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-09-24 12:35:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-09-24 11:37:13 | 000,000,632 | ---- | M] () -- C:\Users\Hp\Desktop\Total Commander.lnk
[2011-09-24 10:47:48 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-09-24 10:47:48 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-09-24 10:40:17 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2011-09-23 16:30:00 | 000,000,902 | ---- | M] () -- C:\Users\Hp\Desktop\AQQ.lnk
[2011-09-23 15:00:42 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-09-23 15:00:42 | 000,687,828 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-09-23 15:00:42 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-09-23 15:00:42 | 000,131,382 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-09-23 15:00:42 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-09-23 14:17:53 | 001,744,948 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB
[2011-09-22 16:26:41 | 000,270,912 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011-09-22 16:26:37 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011-09-22 15:11:42 | 000,001,035 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2011-09-22 09:19:34 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Wybór przeglądarki.lnk
[2011-09-22 09:18:34 | 000,275,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-09-21 19:39:04 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011-09-21 19:20:01 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011-09-21 19:19:43 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHP-HP$.job
[2011-09-21 17:22:51 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\Last.fm.lnk
[2011-09-21 17:09:40 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011-09-21 17:09:40 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011-09-21 17:09:40 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011-09-16 14:55:13 | 000,001,455 | ---- | M] () -- C:\Users\Hp\Desktop\Internet Explorer.lnk
[2011-09-11 10:39:16 | 000,064,440 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011-09-11 10:39:16 | 000,064,440 | ---- | M] () -- C:\Windows\SysNative\license.rtf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-09-24 11:37:12 | 000,000,632 | ---- | C] () -- C:\Users\Hp\Desktop\Total Commander.lnk
[2011-09-24 11:37:09 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2011-09-24 11:37:09 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2011-09-24 11:37:09 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2011-09-24 11:37:09 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2011-09-24 11:37:09 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2011-09-24 11:37:09 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2011-09-24 11:37:09 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2011-09-23 16:30:00 | 000,000,902 | ---- | C] () -- C:\Users\Hp\Desktop\AQQ.lnk
[2011-09-22 16:26:36 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011-09-22 15:11:41 | 000,001,035 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2011-09-22 09:19:34 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Wybór przeglądarki.lnk
[2011-09-21 19:37:35 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011-09-21 19:20:01 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011-09-21 17:22:50 | 000,000,928 | ---- | C] () -- C:\Users\Public\Desktop\Last.fm.lnk
[2011-09-21 17:17:38 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2011-09-19 07:52:37 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForHP-HP$.job
[2011-09-16 14:55:13 | 000,001,421 | ---- | C] () -- C:\Users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011-09-16 14:55:08 | 000,001,455 | ---- | C] () -- C:\Users\Hp\Desktop\Internet Explorer.lnk
[2011-09-11 10:42:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011-04-27 02:54:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-04-27 02:44:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011-01-22 04:10:21 | 000,000,161 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2011-01-22 04:02:19 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010-12-17 04:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010-09-24 15:41:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010-09-18 00:17:02 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009-07-14 07:08:49 | 000,008,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >
[/log]

przepraszam za post pod postem, ale log został dodany

wirusolog
komentarz
komentarz (edytowane)

Niestety, OTL nie pokazuje w takich lokalizacjach plików jak ,,pobierane". Niestety dalej lokalizacja pliku jest mi nie znana. Może SystemLook wyjaśni wszystko?

[hr]
Ściągnij -> [url=http://images.malwareremoval.com/jpshortstuff/SystemLook.exe][b][color=blue][u]SystemLook.exe[/url][/b][/color][/u]
Uruchom i w dolne białe okienko wklej to:
[quote]
:filefind
*.iso
.iso
[/quote]
Naciśnij [b]Look[/b] i pokaż raport.

  • Dobra wypowiedź 1
phiuz
komentarz
komentarz

wstawić to również jako log?

wirusolog
komentarz
komentarz

Bez różnicy jak wstawiasz, możesz wkleić raport na wklej.org

  • Dobra wypowiedź 1
phiuz
komentarz
komentarz

długo może trwać takie szukanie? mija już dłuższa chwila i nadal nic się nie pokazuje.

wirusolog
komentarz
komentarz

Tak, długo to może potrwać. Nawet z godzine.

  • Dobra wypowiedź 1
phiuz
komentarz
komentarz

[url="http://wklej.org/id/598808/"]http://wklej.org/id/598808/[/url]

oto raport

wirusolog
komentarz
komentarz (edytowane)

[quote]
Searching for "*.iso"
[b]C:\Users\Hp\Downloads\FiFa Manager 2011 - RELOADED VERSION+.Crack.iso[/b] --a---- -846321664 bytes [14:44 23/09/2011][/quote]
Mamy naszego ,,smrodka" :)

[hr]

[b]1.[/b] Uruchom [b]OTL[/b] i w dolne białe pole wklej to:
[code]
:processes
killallprocesses

:OTL
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

:Files
C:\Users\Hp\Downloads\FiFa Manager 2011 - RELOADED VERSION+.Crack.iso

:Commands
[emptyflash]
[emptytemp]
[/code]
Kliknij w [b]Wykonaj Script[/b]. Pokaż raport który pokaże się po restarcie.

[b]2.[/b] Odinstaluj śmiecia: [b]Conduit Ltd.[/b]

  • Dobra wypowiedź 1
phiuz
komentarz
komentarz (edytowane)

[log]All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
========== FILES ==========
File move failed. C:\Users\Hp\Downloads\FiFa Manager 2011 - RELOADED VERSION+.Crack.iso scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Hp
->Flash cache emptied: 7890 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Hp
->Temp folder emptied: 847479258 bytes
->Temporary Internet Files folder emptied: 53079792 bytes
->Java cache emptied: 390095 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7132619 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 866,00 mb


OTL by OldTimer - Version 3.2.29.1 log created on 09242011_135245
Files\Folders moved on Reboot...
C:\Users\Hp\Downloads\FiFa Manager 2011 - RELOADED VERSION+.Crack.iso moved successfully.
C:\Users\Hp\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Hp\AppData\Local\Temp\~DF151B9EEA5869DD7D.TMP not found!
File\Folder C:\Users\Hp\AppData\Local\Temp\~DF17AF18514C8EB720.TMP not found!
File\Folder C:\Users\Hp\AppData\Local\Temp\~DF1816C2E9D8550434.TMP not found!
File\Folder C:\Users\Hp\AppData\Local\Temp\~DF1AE29BD393D8E45A.TMP not found!
File\Folder C:\Users\Hp\AppData\Local\Temp\~DF3DDE46CFB2078C7F.TMP not found!
File\Folder C:\Users\Hp\AppData\Local\Temp\~DF438FA28318A467AF.TMP not found!
File\Folder C:\Users\Hp\AppData\Local\Temp\~DF73814C0440BE6CA6.TMP not found!
File\Folder C:\Users\Hp\AppData\Local\Temp\~DFB92FF9188D82F4B0.TMP not found!
Registry entries deleted on Reboot...
[/log]


oto raport


system nie znalazł żadnego ConduitLtd. jest tylko ConduitHelper. co w związku z tym?

nie można też tego odinstalować, bo nie ma tego w panelu sterowania. w takim razie usunąć folder z dysku c?

podobnie jak w przypadku pliku iso - nie mogę tego usunąć.

wirusolog
komentarz
komentarz

[quote]
C:\Users\Hp\Downloads\FiFa Manager 2011 - RELOADED VERSION+.Crack.iso moved successfully.
[/quote]
Plik został przeniesiony do kwarantanny OTL'a.

[b]1.[/b] Odinstaluj [b]ConduitHelpe[/b].

[b]2.[/b] Ściągnij [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover[/url][/b][/color][/u] i wciśnij w nim [size=150][b]Clean[/b][/size]
Pokaż raport z tego narzędzia.

phiuz
komentarz
komentarz

niestety nie udało mi się odinstalować ConduitHelpe, a gdy odpalam Ad-Removera wyskakuje - NOT ADMINISTRATOR.

Gość
komentarz
komentarz

Uruchom Ad-remower z prawokliku [b]jako administrator[/b].

  • Dobra wypowiedź 1
phiuz
komentarz
komentarz

[log]======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: [url="http://www.teamxscript.orgC:Program"]http://www.teamxscript.org[/url]
[url="http://www.teamxscript.orgC:Program"]C:\Program[/url] Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 16:12:54 on 24/09/2011, Normal boot
Microsoft Windows 7 Home Premium (X64)
[email="Hp@HP-HP"]Hp@HP-HP[/email] (Hewlett-Packard HP Pavilion g6 Notebook PC)

============== ACTION(S) ==============

Folder deleted: C:\Users\Hp\AppData\Local\Conduit
Folder deleted: C:\Users\Hp\AppData\LocalLow\Conduit
Folder deleted: C:\Program Files (x86)\Conduit
(!) -- Temporary files deleted.

Key deleted: HKLM\Software\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key deleted: HKLM\Software\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key deleted: HKLM\Software\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key deleted: HKLM\Software\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key deleted: HKLM\Software\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key deleted: HKLM\Software\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key deleted: HKLM\Software\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key deleted: HKLM\Software\Classes\Toolbar.CT2786678
Key deleted: HKLM\Software\Conduit
Key deleted: HKCU\Software\AppDataLow\Toolbar
Key deleted: HKCU\Software\AppDataLow\Software\Conduit
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

============== ADDITIONNAL SCAN ==============
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - "uTorrentBar Toolbar" (C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll)
HKLM_URLSearchHooks|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - "uTorrentBar Toolbar" (C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll)
HKCU_SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} - "Ask.com" (hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF)
HKCU_SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - "Wikipedia" (hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} - "Web Search" (hxxp://startsear.ch/?aff=1&q={searchTerms})
HKLM_SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} - "Ask.com" (hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF)
HKLM_SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3} - "Wikipedia" (hxxp://pl.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKCU_Toolbar\WebBrowser|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} (C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll)
HKCU_Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (x)
HKLM_Toolbar|{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} (C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll)
HKLM_Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (x)
HKLM_ElevationPolicy\{04C44D72-0FB2-40CD-BFA6-9BB56E71E4B9} - C:\Users\Hp\AppData\Local\Conduit\CT2786678\uTorrentBarAutoUpdateHelper.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{89B85129-72E6-45FB-B526-985F8ADEDD00} - C:\Program Files (x86)\uTorrentBar\uTorrentBarToolbarHelper.exe (?)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Pomocnik logowania za pomocą identyfikatora Windows Live" (C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll)
BHO\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - "uTorrentBar Toolbar" (C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 24 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 13 File(s)
C:\Ad-Report-CLEAN[1].txt - 24/09/2011 16:13:10 (5963 Byte(s))
End at: 16:13:58, 24/09/2011

============== E.O.F ==============
[/log]

wirusolog
komentarz
komentarz

Uruchom SystemLook i w dolne białe okienko wklej to:
[quote]
:filefind
Conduit

:regfind
Conduit[/quote]
Wciśnij [b]Look[/b] i czekaj, aż pojawi się raport.

  • Dobra wypowiedź 1
phiuz
komentarz
komentarz

Przepraszam, ale zapomniałem o tym temacie i dopiero teraz go odkopałem.

[log]SystemLook 30.07.11 by jpshortstuff
Log created at 10:41 on 02/10/2011 by Hp
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "Conduit"
No files found.

========== regfind ==========

Searching for "Conduit"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ConduitHelper]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"GroupingServerURL"="http://grouping.services.conduit.com/"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"SearchServerUrl"="http://search.conduit.com"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"Server"="users.conduit.com"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"UsageURL"="http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"SocialDomains"="http://apps.conduit.com; http://social.conduit.com"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"ConduitHelperDialogsBaseURL"="http://dynamicdialogs.toolbar.conduit-services.com/conduithelper/dialogs/BitTorrentShort"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"PrivacyPageURL"="http://www.conduit.com/privacy/Default.aspx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"DisplayTrusteSeal"="http://trust.conduit.com/EB_ORIGINAL_CTID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"ClientLogURL"="http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"UninstallURL"="http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar]
"AppsDetectionUrlPattern"="http://appdownload.conduit.com/"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppRegisterUsage]
"ServiceUrl"="http://apps.usage.conduit-services.com/AppOperations/AppRegistration.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppsMetaData]
"ServiceUrl"="http://appsmetadata.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppsSettings]
"ServiceUrl"="http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_COMP_ID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppTrackingFirstTime]
"ServiceUrl"="http://tracking.usage.app.conduit-services.com/FirstTime.ashx?current=EB_APPTRACKING_CURRENT_STATE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppTrackingUsage]
"ServiceUrl"="http://tracking.usage.app.conduit-services.com/Usage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppUninstallUsage]
"ServiceUrl"="http://apps.usage.conduit-services.com/AppOperations/AppUninstall.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\BrowserToolbarsInfo]
"ServiceUrl"="http://counting.usage.toolbar.conduit-services.com/usage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ClientErrorLog]
"ServiceUrl"="http://clientlog.users.conduit.com/ClientDiagnostics.asmx?op=ReportDiagnosticsEvent"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\DynamicDialogs]
"ServiceUrl"="http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=EB_TOOLBAR_VERSION"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\GottenAppsContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\HostingUsage]
"ServiceUrl"="http://usage.hosting.toolbar.conduit-services.com/usage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\OtherAppsContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\SearchSettings]
"ServiceUrl"="http://API.search.conduit.com/Settings/?ctid=EB_TOOLBAR_ID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\SharedAppsContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarAppComponentUsage]
"ServiceUrl"="http://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarAppUsage]
"ServiceUrl"="http://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarComponentUsage]
"ServiceUrl"="http://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarLogin]
"ServiceUrl"="http://login.toolbar.conduit-services.com/Login.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettings]
"ServiceUrl"="http://settings.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettingsForPublisher]
"ServiceUrl"="http://settings.publisher.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettingsForSB]
"ServiceUrl"="http://settings.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarTranslation]
"ServiceUrl"="http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarUninstall]
"ServiceUrl"="http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarUsage]
"ServiceUrl"="http://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\UninstallDialog]
"ServiceUrl"="http://UninstallDialog.conduit-services.com/view/view.aspx?ctid=EB_TOOLBAR_ID&version=EB_TOOLBAR_VERSION"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\UninstallDialogUsage]
"ServiceUrl"="http://uninstalldialogusage.toolbar.conduit-services.com/Usage.ashx"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678_CT2786678]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678_en]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1139476484]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1234074787]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\132127607]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1427881991]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1567545363]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\2601112605]
"dbname"="conduit_CT2786678_en"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\3180454708]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\3867187348]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\584851373]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings]
"APITrustedDomains"="conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForumToolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.com,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings]
"SocialDomains"="social.conduit.com;apps.conduit.com;services.apps.conduit.com"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\BackHandStorage\http___cap1_conduit-apps_com_uTorrent_20110207_maincomp_html]
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\BrowserSearch]
"URLFromService"="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\BrowserSearch]
"ConduitEnabled"="TRUE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\HomePage]
"URLFromService"="http://search.conduit.com?SearchSource=10&ctid=CT2786678"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\HomePage]
"ConduitEnabled"="TRUE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\MyStuff]
"AddStuffLink"="http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\MyStuff]
"ConduitEnable"="TRUE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Search\Settings]
"ContextMenuSearchUrl"="http://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\SearchInNewTab]
"AboutTabsDataUrlConduit"="http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\SearchInNewTab]
"AboutTabsEnabledByConduit"="TRUE"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\SearchInNewTab]
"AboutTabsUsageUrl"="http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Update]
"ModuleURL"="http://ieupdate.conduit.com/ver6.6.0.19/tbedrs.dll"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Upgrade]
"ModuleURL"="http://ieupgrade.conduit-download.com/IEUpgrade/ver6.6.0.19/tbedrs.dll"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Weather]
"SearchServerUrl"="http://search.conduit.com/"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Weather\en]
"Forecast"="<FORECAST><LOCATION_ID>PKXX0006</LOCATION_ID><DAYS><DAY1><DATE>20110924</DATE><DAY>Saturday</DAY><F_MIN>67</F_MIN><F_MAX>93</F_MAX><C_MIN>19</C_MIN><C_MAX>33</C_MAX><UV_DESCRIPTION>Very High</UV_DESCRIPTION><UV_INDEX>8</UV_INDEX><SUNSET>6:02 pm</SUNSET><SUNRISE>5:57 am</SUNRISE><MOONRISE>2:12 am</MOONRISE><MOONSET>3:45 pm</MOONSET><MOON_PHASE>Waning Crescent</MOON_PHASE><CONDITION_DESCRIPTION>Sunny</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/sunny_big.gif</CONDITION_ICON></DAY1><DAY2><DATE>20110925</DATE><DAY>Sunday</DAY><F_MIN>67</F_MIN><F_MAX>93</F_MAX><C_MIN>19</C_MIN><C_MAX>33</C_MAX><UV_DESCRIPTION>Very High</UV_DESCRIPTION><UV_INDEX>8</UV_INDEX><SUNSET>6:01 pm</SUNSET><SUNRISE>5:57 am</SUNRISE><MOONRISE>3:19 am</MOONRISE><MOONSET>4:22 pm</MOONSET><MOON_PHASE>Waning Crescent</MOON_PHASE><CONDITION_DESCRIPTION>Sunny</CONDITION_DESCRIPTION><CONDITION_ICON>http:/
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04C44D72-0FB2-40CD-BFA6-9BB56E71E4B9}]
"AppPath"="C:\Users\Hp\AppData\Local\Conduit\CT2786678"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ConduitHelper_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ConduitHelper_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ConduitHelper"=""C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\uTorrentBar\Communicator]
"Url"="http://servicemap.conduit-services.com/Toolbar/?ownerId=EB_ORIGINAL_CTID"
[HKEY_LOCAL_MACHINE\SOFTWARE\uTorrentBar\Communicator]
"UsageUrl"="http://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
[HKEY_LOCAL_MACHINE\SOFTWARE\uTorrentBar\toolbar]
"BrowserSearchURL"="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678"
[HKEY_LOCAL_MACHINE\SOFTWARE\uTorrentBar\toolbar]
"Server"="users.conduit.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\uTorrentBar\toolbar]
"PlatformType"="ConduitToolbarMyStuff"
[HKEY_LOCAL_MACHINE\SOFTWARE\uTorrentBar\toolbar]
"AutoUpdateHelperPath"="C:\Users\Hp\AppData\Local\Conduit\CT2786678\uTorrentBarAutoUpdateHelper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\uTorrentBar\toolbar]
"IsConduitAppsToolbar"="FALSE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}]
@="Conduit Community Alerts"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\InprocServer32]
@="C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}]
@="Conduit Helper API Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}\InprocServer32]
@="C:\Users\Public\Conduit\ConduitHelper\ELib_Lib0.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}\ProgID]
@="ConduitHelperAPI"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}\VersionIndependentProgID]
@="ConduitHelperAPI"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ConduitHelperAPI]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}]
@="Conduit Community Alerts"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}\InprocServer32]
@="C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}]
@="Conduit Helper API Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}\InprocServer32]
@="C:\Users\Public\Conduit\ConduitHelper\ELib_Lib0.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}\ProgID]
@="ConduitHelperAPI"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{8266C447-4BD3-476B-8E99-3B4EAD1FB902}\VersionIndependentProgID]
@="ConduitHelperAPI"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\Conduit]
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\Conduit\ConduitHelper]
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"GroupingServerURL"="http://grouping.services.conduit.com/"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"SearchServerUrl"="http://search.conduit.com"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"Server"="users.conduit.com"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"UsageURL"="http://usage.users.conduit.com/UsersWebService.asmx/UsersRequests"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"SocialDomains"="http://apps.conduit.com; http://social.conduit.com"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"ConduitHelperDialogsBaseURL"="http://dynamicdialogs.toolbar.conduit-services.com/conduithelper/dialogs/BitTorrentShort"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"PrivacyPageURL"="http://www.conduit.com/privacy/Default.aspx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"DisplayTrusteSeal"="http://trust.conduit.com/EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"ClientLogURL"="http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"UninstallURL"="http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar]
"AppsDetectionUrlPattern"="http://appdownload.conduit.com/"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678]
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppRegisterUsage]
"ServiceUrl"="http://apps.usage.conduit-services.com/AppOperations/AppRegistration.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppsMetaData]
"ServiceUrl"="http://appsmetadata.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppsSettings]
"ServiceUrl"="http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_COMP_ID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppTrackingFirstTime]
"ServiceUrl"="http://tracking.usage.app.conduit-services.com/FirstTime.ashx?current=EB_APPTRACKING_CURRENT_STATE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppTrackingUsage]
"ServiceUrl"="http://tracking.usage.app.conduit-services.com/Usage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\AppUninstallUsage]
"ServiceUrl"="http://apps.usage.conduit-services.com/AppOperations/AppUninstall.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\BrowserToolbarsInfo]
"ServiceUrl"="http://counting.usage.toolbar.conduit-services.com/usage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ClientErrorLog]
"ServiceUrl"="http://clientlog.users.conduit.com/ClientDiagnostics.asmx?op=ReportDiagnosticsEvent"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\DynamicDialogs]
"ServiceUrl"="http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=EB_TOOLBAR_VERSION"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\GottenAppsContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\HostingUsage]
"ServiceUrl"="http://usage.hosting.toolbar.conduit-services.com/usage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\OtherAppsContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\SearchSettings]
"ServiceUrl"="http://API.search.conduit.com/Settings/?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\SharedAppsContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarAppComponentUsage]
"ServiceUrl"="http://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarAppUsage]
"ServiceUrl"="http://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarComponentUsage]
"ServiceUrl"="http://component.usage.toolbar.conduit-services.com/ToolbarComponentUsage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarContextMenu]
"ServiceUrl"="http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarLogin]
"ServiceUrl"="http://login.toolbar.conduit-services.com/Login.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettings]
"ServiceUrl"="http://settings.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettingsForPublisher]
"ServiceUrl"="http://settings.publisher.toolbar.conduit-services.com/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarSettingsForSB]
"ServiceUrl"="http://settings.smartbar.conduit-services.com/settings/?ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarTranslation]
"ServiceUrl"="http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarUninstall]
"ServiceUrl"="http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\ToolbarUsage]
"ServiceUrl"="http://usage.toolbar.conduit-services.com/ToolbarUsage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\UninstallDialog]
"ServiceUrl"="http://UninstallDialog.conduit-services.com/view/view.aspx?ctid=EB_TOOLBAR_ID&version=EB_TOOLBAR_VERSION"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678\UninstallDialogUsage]
"ServiceUrl"="http://uninstalldialogusage.toolbar.conduit-services.com/Usage.ashx"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678_CT2786678]
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\conduit_CT2786678_en]
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1139476484]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1234074787]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\132127607]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1427881991]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\1567545363]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\2601112605]
"dbname"="conduit_CT2786678_en"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\3180454708]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\3867187348]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Repository\MetaData\584851373]
"dbname"="conduit_CT2786678_CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings]
"APITrustedDomains"="conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForumToolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.com,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings]
"SocialDomains"="social.conduit.com;apps.conduit.com;services.apps.conduit.com"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\BackHandStorage\http___cap1_conduit-apps_com_uTorrent_20110207_maincomp_html]
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\BrowserSearch]
"URLFromService"="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\BrowserSearch]
"ConduitEnabled"="TRUE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\HomePage]
"URLFromService"="http://search.conduit.com?SearchSource=10&ctid=CT2786678"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\FeatureProtector\HomePage]
"ConduitEnabled"="TRUE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\MyStuff]
"AddStuffLink"="http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\MyStuff]
"ConduitEnable"="TRUE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Search\Settings]
"ContextMenuSearchUrl"="http://search.conduit.com/ResultsExt.aspx?q=MYSEARCHTERM&ctid=EB_CTID&octid=EB_ORIGINAL_CTID&SearchSource=8"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\SearchInNewTab]
"AboutTabsDataUrlConduit"="http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\SearchInNewTab]
"AboutTabsEnabledByConduit"="TRUE"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\SearchInNewTab]
"AboutTabsUsageUrl"="http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Update]
"ModuleURL"="http://ieupdate.conduit.com/ver6.6.0.19/tbedrs.dll"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Upgrade]
"ModuleURL"="http://ieupgrade.conduit-download.com/IEUpgrade/ver6.6.0.19/tbedrs.dll"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Weather]
"SearchServerUrl"="http://search.conduit.com/"
[HKEY_USERS\S-1-5-21-2591046978-4148710149-1025695225-1001\Software\AppDataLow\Software\uTorrentBar\toolbar\Settings\Weather\en]
"Forecast"="<FORECAST><LOCATION_ID>PKXX0006</LOCATION_ID><DAYS><DAY1><DATE>20110924</DATE><DAY>Saturday</DAY><F_MIN>67</F_MIN><F_MAX>93</F_MAX><C_MIN>19</C_MIN><C_MAX>33</C_MAX><UV_DESCRIPTION>Very High</UV_DESCRIPTION><UV_INDEX>8</UV_INDEX><SUNSET>6:02 pm</SUNSET><SUNRISE>5:57 am</SUNRISE><MOONRISE>2:12 am</MOONRISE><MOONSET>3:45 pm</MOONSET><MOON_PHASE>Waning Crescent</MOON_PHASE><CONDITION_DESCRIPTION>Sunny</CONDITION_DESCRIPTION><CONDITION_ICON>http://weather.conduit.com/images/weather/Default/sunny_big.gif</CONDITION_ICON></DAY1><DAY2><DATE>20110925</DATE><DAY>Sunday</DAY><F_MIN>67</F_MIN><F_MAX>93</F_MAX><C_MIN>19</C_MIN><C_MAX>33</C_MAX><UV_DESCRIPTION>Very High</UV_DESCRIPTION><UV_INDEX>8</UV_INDEX><SUNSET>6:01 pm</SUNSET><SUNRISE>5:57 am</SUNRISE><MOONRISE>3:19 am</MOONRISE><MOONSET>4:22 pm</MOONSET><MOON_PHASE>Waning Crescent</MOON_PHASE><CONDITION_DESCRIPTION>Sunny</COND

-= EOF =- [/log]

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.