x-kom hosting

[Rozwiązane] Mam keyloggera na kompie?

kahan32
utworzono
utworzono (edytowane)

Cześć chciałbym abyście powiedzieli mi co usunąć i czym bo myślę że mam keyloggera na kompie.Jeśli pisze w złym dziale to przepraszam pierwszy raz tu jestem.


[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by u at 2012-02-01 19:04:35
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 3 GB (19%) free of 15 GB
Total RAM: 958 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:04:42, on 2012-02-01
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\office keyboard driver\Hotkey.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CrossriderWebApps\Crossrider.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\u\Moje dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\u.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://home.sweetim.com"]http://home.sweetim.com[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://start.facemoods.com/?a=ddr&s=%7BsearchTerms%7D&f=4"]http://start.facemoo...earchTerms}&f=4[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: CrossRider - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files\CrossriderWebApps\Crossrider.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O3 - Toolbar: MediaBar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [Hotkey] C:\Program Files\office keyboard driver\Hotkey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start [url="http://www.avg.com/pl.special-uninstallation-feedback-app?lic=OQBBAC0AQQBCAEwAOABZAC0AMgA5AEcANgAyAC0AQwAzADMAQgBBAC0AUQBUAE4AUwBIAC0ARwBFAFQAVwAzAA%22&%22inst=NwA2AC0AOQA3ADcAOAAxADUANgAyADcALQBEAEQAVAArADAALQBOADEARAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkA%22&%22prod=92%22&%22ver=9.0.914"]http://www.avg.com/pl.special-uninstallation-feedback-app?lic=OQBBAC0AQQBCAEwAOABZAC0AMgA5AEcANgAyAC0AQwAzADMAQgBBAC0AUQBUAE4AUwBIAC0ARwBFAFQAVwAzAA"&"inst=NwA2AC0AOQA3ADcAOAAxADUANgAyADcALQBEAEQAVAArADAALQBOADEARAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkA"&"prod=92"&"ver=9.0.914[/url]
O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CrossRiderPlugin] C:\Program Files\CrossriderWebApps\Crossrider.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8E04FDC-BED6-4BCF-92DE-6A887ABF9EDC}: NameServer = 62.233.233.233 87.204.204.204
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9452 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default

prefs.js - "browser.startup.homepage" - "http://www.aol.com"
prefs.js - "browser.startup.homepage" - "http://www.aol.com"
prefs.js - "browser.startup.homepage" - "http://www.aol.com"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p="

"crossriderapp1466@crossrider.com"=C:\Documents and Settings\All Users\Dane aplikacji\SendSpaceExtention\firefox
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer™ LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
quickstores@quickstores.de
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPMyGlSh.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
aolsearch.xml
fbc-pl.xml
fcmdSrchddr.xml
fcmdSrchstonicla.xml
google.xml
merlin-pl.xml
pwn-pl.xml
SearchResults.xml
wikipedia-pl.xml
wp-pl.xml
yahoo.xml

C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\
ffxtlbr@Facemoods.com
{1392b8d2-5c05-419f-a8f6-b9f15a596612}
{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\
askcom.xml
conduit.xml
SearchResults.xml
SweetIM Search.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2010-03-18 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}]
My Global Search Bar BHO - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL [2011-08-09 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll [2010-10-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll [2011-06-01 1236400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A876E312-7D08-401a-B7A6-FAFC5DC2F292}]
CrossRider - C:\Program Files\CrossriderWebApps\Crossrider.dll [2011-05-15 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
MediaBar - C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll [2011-05-30 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll [2010-10-26 217088]
{37B85A29-692B-4205-9CAD-2626E4993404} - My Global Search Bar - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL [2011-08-09 225280]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - MediaBar - C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll [2011-05-30 87480]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\WINDOWS\system32\mscoree.dll [2010-03-18 297808]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2006-03-23 176128]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe [2010-10-26 323584]
"DATAMNGR"=C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\DATAMN~1.EXE [2011-06-01 1545144]
"Hotkey"=C:\Program Files\office keyboard driver\Hotkey.exe [2007-06-13 217088]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-12-13 922976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start [url="http://www.avg.com/pl.special-uninstallation-feedback-app?lic=OQBBAC0AQQBCAEwAOABZAC0AMgA5AEcANgAyAC0AQwAzADMAQgBBAC0AUQBUAE4AUwBIAC0ARwBFAFQAVwAzAA&inst=NwA2AC0AOQA3ADcAOAAxADUANgAyADcALQBEAEQAVAArADAALQBOADEARAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkA&prod=92&ver=9.0.914"]http://www.avg.com/p...=92&ver=9.0.914[/url] []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FlashGet 3"=C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe -minimize []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"CrossRiderPlugin"=C:\Program Files\CrossriderWebApps\Crossrider.exe [2011-05-15 478720]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-06-09 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"D:\Program Files\Counter-Strike\cstrike.exe"="D:\Program Files\Counter-Strike\cstrike.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Metin2\metin2.bin"="C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2\metin2client.bin"="C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Metin2_PL\metin2.bin"="D:\Program Files\Metin2_PL\metin2.bin:*:Enabled:metin2"
"D:\Program Files\AriusMT2\metin2client.bin"="D:\Program Files\AriusMT2\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Metin2\metin2mod_2011sf.exe"="C:\Program Files\Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf"
"D:\Program Files\Kaladar\Kaladar.exe"="D:\Program Files\Kaladar\Kaladar.exe:*:Enabled:Kaladar"
"C:\Program Files\Metin2\Kaladar.exe"="C:\Program Files\Metin2\Kaladar.exe:*:Enabled:Kaladar"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Documents and Settings\u\Ustawienia lokalne\Temp\NevrasT.bin"="C:\Documents and Settings\u\Ustawienia lokalne\Temp\NevrasT.bin:*:Enabled:NevrasT"
"C:\Program Files\Metin2\Venise.exe"="C:\Program Files\Metin2\Venise.exe:*:Enabled:Venise"
"D:\Program Files\Venise\Venise.exe"="D:\Program Files\Venise\Venise.exe:*:Enabled:Venise"
"C:\Documents and Settings\u\Moje dokumenty\Downloads\Programs\SweetImSetup.exe"="C:\Documents and Settings\u\Moje dokumenty\Downloads\Programs\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Documents and Settings\u\Ustawienia lokalne\Temp\SweetIMReinstall\SweetImSetup.exe"="C:\Documents and Settings\u\Ustawienia lokalne\Temp\SweetIMReinstall\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\Metin2x\metin2.bin"="C:\Program Files\Metin2x\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2x\metin2client.bin"="C:\Program Files\Metin2x\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Metin2x\Erathia.exe"="C:\Program Files\Metin2x\Erathia.exe:*:Enabled:Erathia"
"D:\Program Files\Erathia\Erathia\metin2client.exe.exe"="D:\Program Files\Erathia\Erathia\metin2client.exe.exe:*:Enabled:metin2client.exe"
"C:\Program Files\Common Files\aol\acs\AOLDial.exe"="C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe"="C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\aol\1311702059\ee\aolsoftware.exe"="C:\Program Files\Common Files\aol\1311702059\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\AOL 9.5\waol.exe"="C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL"
"D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\Metin5_S2.exe"="D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\Metin5_S2.exe:*:Enabled:Metin5_S2"
"D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\metin2.bin"="D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\metin2.bin:*:Enabled:Customizable 2010 Client Launcher"
"D:\Program Files\Metin5.S2.07.02.2011\Metin5_S2.exe"="D:\Program Files\Metin5.S2.07.02.2011\Metin5_S2.exe:*:Enabled:Metin5_S2"
"C:\Program Files\Metin2\Longju.exe"="C:\Program Files\Metin2\Longju.exe:*:Enabled:Longju"
"D:\Program Files\Erathia\Erathia\metin2.bin"="D:\Program Files\Erathia\Erathia\metin2.bin:*:Enabled:metin2"
"C:\Program Files\BearShare\BearShare.exe"="C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe"="C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker"
"D:\Program Files\imt2\InsanityMT2\InsanityMT2.exe"="D:\Program Files\imt2\InsanityMT2\InsanityMT2.exe:*:Enabled:InsanityMT2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Metin2\InsanityMT2.exe"="C:\Program Files\Metin2\InsanityMT2.exe:*:Enabled:InsanityMT2"
"D:\Program Files\InsanityMT2\InsanityMT2.exe"="D:\Program Files\InsanityMT2\InsanityMT2.exe:*:Enabled:InsanityMT2"
"D:\Program Files\AtlantisMT2\metin2.bin"="D:\Program Files\AtlantisMT2\metin2.bin:*:Enabled:metin2"
"D:\Program Files\Alceria\alcpr.bin"="D:\Program Files\Alceria\alcpr.bin:*:Enabled:alcpr"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary"
"C:\Program Files\Metin2\metin2.exe"="C:\Program Files\Metin2\metin2.exe:*:Enabled:metin2"
"D:\Program Files\utorrent.exe"="D:\Program Files\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Evenar\metin2client.bin"="D:\Program Files\Evenar\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Evenar\Erdiana.pl.exe"="D:\Program Files\Evenar\Erdiana.pl.exe:*:Enabled:Erdiana.pl"
"C:\Program Files\Metin2\Erdiana.pl.exe"="C:\Program Files\Metin2\Erdiana.pl.exe:*:Enabled:Erdiana.pl"
"D:\Program Files\Client\metin2clientexe.exe"="D:\Program Files\Client\metin2clientexe.exe:*:Enabled:metin2clientexe"
"D:\Program Files\Evenar\Elestium.exe"="D:\Program Files\Evenar\Elestium.exe:*:Enabled:Elestium"
"D:\Program Files\Evenar\metin2.bin"="D:\Program Files\Evenar\metin2.bin:*:Enabled:metin2"
"D:\Program Files\CavalosMT2\patch.bin"="D:\Program Files\CavalosMT2\patch.bin:*:Enabled:patch"
"D:\Program Files\CavalosMT2\Launcher.exe"="D:\Program Files\CavalosMT2\Launcher.exe:*:Enabled:Launcher"
"D:\Program Files\CavalosMT2\metin2mod_2011sf.exe"="D:\Program Files\CavalosMT2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf"
"C:\Program Files\Metin2Pl\metin2.exe"="C:\Program Files\Metin2Pl\metin2.exe:*:Enabled:metin2"
"C:\Program Files\Metin2Pl\metin2.bin"="C:\Program Files\Metin2Pl\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2Pl\metin2client.bin"="C:\Program Files\Metin2Pl\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Tiveria\game.bin"="D:\Program Files\Tiveria\game.bin:*:Enabled:game"
"D:\Program Files\Klient Divine World\metin2.bin"="D:\Program Files\Klient Divine World\metin2.bin:*:Enabled:metin2"
"D:\Program Files\Klient Divine World\DivineWorld.exe"="D:\Program Files\Klient Divine World\DivineWorld.exe:*:Enabled:DivineWorld"
"D:\Program Files\XenoxMt2\XenoxMT2 Launcher.exe"="D:\Program Files\XenoxMt2\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher"
"D:\Program Files\DivineWorld\DivineWorld.exe"="D:\Program Files\DivineWorld\DivineWorld.exe:*:Enabled:DivineWorld"
"D:\Program Files\Klient Divine World\metin2client.bin"="D:\Program Files\Klient Divine World\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Airo\AiroClient.bin"="D:\Program Files\Airo\AiroClient.bin:*:Enabled:AiroClient"
"D:\Program Files\Airo\metin2client.bin"="D:\Program Files\Airo\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\DivineWorld\EternalMT2.exe"="D:\Program Files\DivineWorld\EternalMT2.exe:*:Enabled:EternalMT2"
"D:\Program Files\DivineWorld\Nexusmt2 Uruchom.exe"="D:\Program Files\DivineWorld\Nexusmt2 Uruchom.exe:*:Enabled:Nexusmt2 Uruchom"
"D:\Program Files\UnlimitedWorld-Client\UnlimitedWorld.exe"="D:\Program Files\UnlimitedWorld-Client\UnlimitedWorld.exe:*:Enabled:UnlimitedWorld"
"D:\Program Files\Abyss\Metin2\abyss.exe"="D:\Program Files\Abyss\Metin2\abyss.exe:*:Enabled:abyss"
"D:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="D:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"D:\Program Files\EA GAMES\Battlefield 2\Bf2_w32ded.exe"="D:\Program Files\EA GAMES\Battlefield 2\Bf2_w32ded.exe:*:Enabled:Bf2_w32ded"
"D:\Program Files\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe"="D:\Program Files\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe:*:Enabled:BF2VoipServer_w32ded"
"D:\Program Files\DivineWorld\metin2client.bin"="D:\Program Files\DivineWorld\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\UnlimitedWorld-Client\Aventer.exe"="D:\Program Files\UnlimitedWorld-Client\Aventer.exe:*:Enabled:Aventer"
"D:\Program Files\UnlimitedWorld-Client\metin2client.bin"="D:\Program Files\UnlimitedWorld-Client\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\UnlimitedWorld-Client\metin2client1.exe"="D:\Program Files\UnlimitedWorld-Client\metin2client1.exe:*:Enabled:metin2client1"
"D:\Program Files\DivineWorld\Aventer.exe"="D:\Program Files\DivineWorld\Aventer.exe:*:Enabled:Aventer"
"D:\Program Files\New Beginning\Aventer.exe"="D:\Program Files\New Beginning\Aventer.exe:*:Enabled:Aventer"
"D:\Program Files\UnlimitedWorld-Client\SSMt2.exe"="D:\Program Files\UnlimitedWorld-Client\SSMt2.exe:*:Enabled:SSMt2"
"C:\Program Files\Common Files\aol\1321607345\ee\aolsoftware.exe"="C:\Program Files\Common Files\aol\1321607345\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"D:\Program Files\Metin2 Singapore\metin2.bin"="D:\Program Files\Metin2 Singapore\metin2.bin:*:Enabled:metin2"
"D:\Program Files\nb\New Beginning\Leiria.exe.exe"="D:\Program Files\nb\New Beginning\Leiria.exe.exe:*:Enabled:Leiria.exe"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"D:\Program Files\New Beginning\metin2.bin"="D:\Program Files\New Beginning\metin2.bin:*:Enabled:metin2"
"D:\Program Files\New Beginning\metin2client.bin"="D:\Program Files\New Beginning\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\New Beginning\wmdc.bin"="D:\Program Files\New Beginning\wmdc.bin:*:Enabled:wmdc"
"D:\Program Files\New Beginning\Sevoris.pl.exe"="D:\Program Files\New Beginning\Sevoris.pl.exe:*:Enabled:Sevoris.pl"
"D:\Program Files\nb\New Beginning\Sevoris.pl.exe"="D:\Program Files\nb\New Beginning\Sevoris.pl.exe:*:Enabled:Sevoris.pl"
"D:\Program Files\New Beginning\AnxoMT2.exe"="D:\Program Files\New Beginning\AnxoMT2.exe:*:Enabled:AnxoMT2"
"D:\Program Files\New Beginning\metin2client.exe"="D:\Program Files\New Beginning\metin2client.exe:*:Enabled:metin2client"
"D:\Program Files\nb\New Beginning\metin2client.exe"="D:\Program Files\nb\New Beginning\metin2client.exe:*:Enabled:metin2client"
"D:\Program Files\nb\xd\metin2client.exe"="D:\Program Files\nb\xd\metin2client.exe:*:Enabled:metin2client"
"D:\Program Files\nb\xd\Leiria.exe.exe"="D:\Program Files\nb\xd\Leiria.exe.exe:*:Enabled:Leiria.exe"
"D:\Program Files\nb\xd\metin2client.bin"="D:\Program Files\nb\xd\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\New Beginning\Venise s2.exe"="D:\Program Files\New Beginning\Venise s2.exe:*:Enabled:Venise s2"
"C:\Documents and Settings\u\Pulpit\ECC5_2\ECC\Blackshades server.exe"="C:\Documents and Settings\u\Pulpit\ECC5_2\ECC\Blackshades server.exe:*:Enabled:Windows Messanger"
"C:\Documents and Settings\u\Dane aplikacji\winupdate34.exe"="C:\Documents and Settings\u\Dane aplikacji\winupdate34.exe:*:Enabled:Windows Messanger"
"D:\Program Files\New Beginning\Używać Przy Problemach z AutoPatcherem.exe"="D:\Program Files\New Beginning\Używać Przy Problemach z AutoPatcherem.exe:*:Enabled:Używać Przy Problemach z AutoPatcherem"
"D:\Program Files\New Beginning\Anadia.exe"="D:\Program Files\New Beginning\Anadia.exe:*:Enabled:Anadia"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Program Files\New Beginning\Atlantica.exe"="D:\Program Files\New Beginning\Atlantica.exe:*:Enabled:Atlantica"
"D:\Program Files\New Beginning\starter.exe"="D:\Program Files\New Beginning\starter.exe:*:Enabled:starter"
"D:\Program Files\patcher\patcher\metin2.bin"="D:\Program Files\patcher\patcher\metin2.bin:*:Enabled:metin2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.vorbis"=vorbis.acm
"VIDC.FPS1"=frapsvid.dll
"msacm.lhacm"=lhacm.acm

======List of files/folders created in the last 1 month======

2012-02-01 19:04:35 ----D---- C:\rsit
2012-02-01 18:45:10 ----D---- C:\Program Files\Trend Micro
2012-01-29 21:29:30 ----A---- C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2012-01-24 17:49:45 ----D---- C:\Program Files\Gadu-Gadu 10
2012-01-22 19:17:28 ----D---- C:\vcs5BGEffects
2012-01-08 19:20:34 ----D---- C:\Documents and Settings\u\Dane aplikacji\Notepad++
2012-01-02 14:07:35 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\f-secure

======List of files/folders modified in the last 1 month======

2012-02-01 19:04:39 ----D---- C:\WINDOWS\Prefetch
2012-02-01 18:45:27 ----SHD---- C:\WINDOWS\Installer
2012-02-01 18:45:15 ----SD---- C:\Documents and Settings\u\Dane aplikacji\Microsoft
2012-02-01 18:45:10 ----RD---- C:\Program Files
2012-02-01 17:55:57 ----D---- C:\WINDOWS\Temp
2012-02-01 15:30:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-31 20:36:56 ----D---- C:\Documents and Settings\u\Dane aplikacji\Dev-Cpp
2012-01-30 15:45:49 ----D---- C:\WINDOWS\system32\drivers
2012-01-30 14:58:14 ----D---- C:\WINDOWS
2012-01-29 23:39:02 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-29 23:09:09 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-29 23:05:15 ----D---- C:\WINDOWS\system32
2012-01-29 23:05:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-29 23:04:22 ----RSD---- C:\WINDOWS\assembly
2012-01-29 23:03:52 ----D---- C:\WINDOWS\WinSxS
2012-01-29 22:52:53 ----D---- C:\WINDOWS\system32\en-US
2012-01-29 21:29:33 ----HD---- C:\WINDOWS\inf
2012-01-29 21:29:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-01-29 21:29:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-26 15:54:19 ----A---- C:\WINDOWS\NeroDigital.ini
2012-01-20 18:40:59 ----D---- C:\WINDOWS\Minidump
2012-01-20 18:13:54 ----D---- C:\Documents and Settings\u\Dane aplikacji\teamspeak2
2012-01-18 16:39:14 ----D---- C:\Documents and Settings\u\Dane aplikacji\.minecraft
2012-01-08 20:22:38 ----D---- C:\Documents and Settings\u\Dane aplikacji\QuickStoresToolbar
2012-01-04 17:09:23 ----D---- C:\Documents and Settings\u\Dane aplikacji\FileZilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr rodzajowy AGPv3.0 firmy Microsoft dla platform procesora K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-10-30 443448]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2008-09-25 12952]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
R3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2009-06-09 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-04-13 252416]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2007-01-04 69656]
S3 au0hop8d;au0hop8d; C:\WINDOWS\system32\drivers\au0hop8d.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 injectDLL;injectDLL; \??\C:\Documents and Settings\u\Pulpit\injectDLL.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys []
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-06-09 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-06-09 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-12-14 748440]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-06-09 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------



info.txt logfile of random's system information tool 1.09 2012-02-01 19:04:49

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10o_Plugin.exe -maintain plugin
Adobe Reader X - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-AA0000000001}
Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizacja dla systemu Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizacja dla systemu Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla programu Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizacja zabezpieczeń dla systemu Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
AudioCommander-->"C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}\setup_ac.exe" REMOVE=TRUE MODIFY=FALSE
AudioCommander-->C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}\setup_ac.exe
AV Voice Changer Software DIAMOND 6.0-->C:\PROGRA~1\AVVCS6~1.0DI\UNWISE.EXE C:\PROGRA~1\AVVCS6~1.0DI\INSTALL.LOG
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Click to Call with Skype-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Crossrider Web Apps-->C:\Program Files\CrossriderWebApps\uninstall.exe
CWK (Czasowy Wyłącznik Komputera)-->"C:\Program Files\Damian Pasternak\CWK\CWK.exe" /uninstall
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
facemoods-->"C:\Program Files\facemoods.com\facemoods\1.4.17.3\uninstall.exe"
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\16.0.912.77\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hardcore-->C:\Program Files\Image-Line\Hardcore\uninstall.exe
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Icy Tower v1.5-->"c:\games\icytower1.5\unins000.exe"
IObit Toolbar v4.9-->MsiExec.exe /X{AE613868-24C7-4f1f-A9C6-7B3B718ABDA5}
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java™ 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
Klient Tiveria 1.0-->D:\Program Files\Tiveria\uninst.exe
K-Lite Mega Codec Pack 7.1.2-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
KM Wakeup 1.6-->C:\Program Files\KM Wakeup\uninst.exe
M2Fish 4.2-->D:\Program Files\Tiveria\M2Fish\uninst.exe
MediaBar-->C:\Program Files\BearShare Applications\MediaBar\uninstall.exe
Metin2-->"D:\Program Files\Metin2Pl\unins000.exe"
Metin2-->D:\Program Files\Metin2 Singapore\Uninstall.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Office Access MUI (Polish) 2007-->MsiExec.exe /X{90120000-0015-0415-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2007-->MsiExec.exe /X{90120000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2007-->MsiExec.exe /X{90120000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2007-->MsiExec.exe /X{90120000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2007-->MsiExec.exe /X{90120000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2007-->MsiExec.exe /X{90120000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2007-->MsiExec.exe /X{90120000-0018-0415-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2007-->MsiExec.exe /X{90120000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2007-->MsiExec.exe /X{90120000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2007-->MsiExec.exe /X{90120000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2007-->MsiExec.exe /X{90120000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2007-->MsiExec.exe /X{90120000-001B-0415-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218-->MsiExec.exe /X{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Mozilla Firefox 4.0 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
MSXML 6.0 SDK-->MsiExec.exe /I{DF67E8C2-1D4C-44E1-93DC-7E26E2D74D00}
My Global Search Bar-->rundll32 C:\PROGRA~1\MYGLOB~1\bar\1.bin\mgsBar.dll,O
Nero 7 Ultra Edition-->MsiExec.exe /X{91C0B95B-B83A-4828-A775-BBE2DD421045}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Notatnik SP, ver 4.1-->"C:\Program Files\nsp\unins000.exe"
office keyboard driver 2.0-->"C:\Program Files\office keyboard driver\unins000.exe"
OpenGL Extensions Viewer 3.0-->"C:\Program Files\realtech VR\OpenGL Extensions Viewer 3.0\uninst.exe"
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
Poprawka dla systemu Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Poprawka dla systemu Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Pro Evolution Soccer 5-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{85C3FA3C-4832-4204-B21E-168E4920936A} /l1033
QuickStores-Toolbar 1.1.0-->"C:\Documents and Settings\u\Dane aplikacji\QuickStoresToolbar\unins000.exe"
QuickTime Alternative 3.2.2-->"C:\Program Files\QuickTime Alternative\unins000.exe"
Real Alternative 2.0.2-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x15 -removeonly
SAGEM F@st 800-840-->C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe -runfromtemp -l0x0015 -removeonly
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
SubEdit-Player-->"C:\Program Files\SubEdit-Player\unins000.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
Uninstall AOL Emergency Connect Utility 1.0-->C:\Program Files\Common Files\AOL\ECU\uninst.exe
VIA Platforma Menedżera urządzeń-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VIA/S3G Display Driver 6.14.10.0297-->C:\PROGRA~1\S3\UChromeP\s3minset.exe /u UChromeP.uns
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe"
WinRAR 4.00 (32-bitowy)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: G-07D8033E029C4
Event Code: 7036
Message: Usługa Menedżer połączeń usługi Dostęp zdalny weszła w stan uruchomienia.

Record Number: 19247
Source Name: Service Control Manager
Time Written: 20111230142412.000000+060
Event Type: informacje
User:

Computer Name: G-07D8033E029C4
Event Code: 7036
Message: Usługa Usługa odnajdywania SSDP weszła w stan uruchomienia.

Record Number: 19246
Source Name: Service Control Manager
Time Written: 20111230142412.000000+060
Event Type: informacje
User:

Computer Name: G-07D8033E029C4
Event Code: 7036
Message: Usługa Usługa COM nagrywania dysków CD IMAPI weszła w stan uruchomienia.

Record Number: 19245
Source Name: Service Control Manager
Time Written: 20111230142412.000000+060
Event Type: informacje
User:

Computer Name: G-07D8033E029C4
Event Code: 7035
Message: Do usługi Usługa odnajdywania SSDP został pomyślnie wysłany kod sterowania uruchom.

Record Number: 19244
Source Name: Service Control Manager
Time Written: 20111230142411.000000+060
Event Type: informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: G-07D8033E029C4
Event Code: 7036
Message: Usługa Rozpoznawanie lokalizacji w sieci (NLA) weszła w stan uruchomienia.

Record Number: 19243
Source Name: Service Control Manager
Time Written: 20111230142411.000000+060
Event Type: informacje
User:

=====Application event log=====

Computer Name: G-07D8033E029C4
Event Code: 1040
Message: Rozpoczynanie transakcji Instalatora Windows: C:\Documents and Settings\All Users\Dane aplikacji\Skype\{AA59DDE4-B672-4621-A016-4C248204957A}\Skype.msi. Identyfikator procesu klienta: 1048.

Record Number: 807
Source Name: MsiInstaller
Time Written: 20110816163609.000000+120
Event Type: informacje
User: G-07D8033E029C4\u

Computer Name: G-07D8033E029C4
Event Code: 1000
Message: Aplikacja powodująca błąd SkypeSetupFull.exe, wersja 5.5.0.113, moduł powodujący błąd SkypeSetupFull.exe, wersja 5.5.0.113, adres błędu 0x01ab9b09.

Record Number: 806
Source Name: Application Error
Time Written: 20110816162806.000000+120
Event Type: błąd
User:

Computer Name: G-07D8033E029C4
Event Code: 1005
Message: System Windows nie może uzyskać dostępu do pliku D:\Program Files\SkypeSetupFull.exe z jednej z następujących przyczyn:
istnieje problem z połączeniem sieciowym, dyskiem, na którym przechowywany jest plik,
sterownikami magazynu zainstalowanymi na tym komputerze; lub brak dysku.
System Windows zamknął program Skype z powodu następującego błędu.

Program: Skype
Plik: D:\Program Files\SkypeSetupFull.exe

Wartość błędu jest wyświetlona w sekcji Dodatkowe dane.
Akcja użytkownika
1. Otwórz plik ponownie.
Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu.
2.
Jeśli nadal nie można uzyskać dostępu do pliku i
- jest w sieci,
administrator sieci powinien sprawdzić, czy nie ma problemu z siecią, i czy można skontaktować się z serwerem.
- jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera.
3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz CHKDSK /F, a następnie naciśnij klawisz ENTER.
4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej.
5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem lub dostawcą sprzętu
komputerowego, aby uzyskać dalszą pomoc.
Dodatkowe dane
Wartość błędu: C000009C
Typ dysku: 3

Record Number: 805
Source Name: Application Error
Time Written: 20110816162744.000000+120
Event Type: błąd
User:

Computer Name: G-07D8033E029C4
Event Code: 1800
Message: Usługa Centrum zabezpieczeń systemu Windows została uruchomiona.

Record Number: 804
Source Name: SecurityCenter
Time Written: 20110816162550.000000+120
Event Type: informacje
User:

Computer Name: G-07D8033E029C4
Event Code: 0
Message:
Record Number: 803
Source Name: gupdate
Time Written: 20110816162523.000000+120
Event Type: informacje
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime Alternative\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------[/log]

Pomoże mi ktoś?

ref

ref

Natsuki Kuga
komentarz
komentarz

Dodaj jeszcze log z OTL, jest trochę śmieci do usunięcia, a nim będzie wygodniejsze usuwanie.

  • Dobra wypowiedź 1
kahan32
komentarz
komentarz

O to logi z OTL
[spoiler]OTL logfile created on: 2012-02-05 11:09:35 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\u\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

958,42 Mb Total Physical Memory | 359,87 Mb Available Physical Memory | 37,55% Memory free
2,26 Gb Paging File | 1,79 Gb Available in Paging File | 79,25% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 2,57 Gb Free Space | 17,55% Space Free | Partition Type: NTFS
Drive D: | 17,76 Gb Total Space | 12,20 Gb Free Space | 68,69% Space Free | Partition Type: NTFS

Computer Name: G-07D8033E029C4 | User Name: u | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-02-05 11:08:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\u\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-01-20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011-10-03 05:06:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2011-07-04 18:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-06-01 19:28:14 | 001,545,144 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011-05-15 23:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Program Files\CrossriderWebApps\Crossrider.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-06-09 22:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-06-09 22:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009-06-09 22:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-06-09 22:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2009-06-09 22:45:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2009-06-09 22:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2009-06-09 22:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009-06-09 22:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2009-06-09 22:45:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2007-06-13 00:34:48 | 000,217,088 | ---- | M] () -- C:\Program Files\office keyboard driver\Hotkey.exe
PRC - [2007-04-16 11:58:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2007-02-13 15:20:50 | 001,205,840 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
PRC - [2006-03-23 12:32:32 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
PRC - [2005-03-08 00:03:28 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-02-05 11:08:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\u\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-01-20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2012-01-20 06:35:35 | 000,411,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\ppgooglenaclpluginchrome.dll
MOD - [2012-01-20 06:35:34 | 003,767,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
MOD - [2012-01-20 06:34:18 | 009,848,816 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\16.0.912.77\icudt.dll
MOD - [2012-01-20 06:34:12 | 028,809,712 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\16.0.912.77\chrome.dll
MOD - [2012-01-20 06:34:10 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\avutil-51.dll
MOD - [2012-01-20 06:34:09 | 000,222,208 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\avformat-53.dll
MOD - [2012-01-20 06:34:07 | 001,746,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\avcodec-53.dll
MOD - [2012-01-20 03:14:40 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
MOD - [2011-10-03 05:06:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
MOD - [2011-08-28 22:19:12 | 000,093,696 | ---- | M] () -- D:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011-07-04 18:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\ggsip.dll
MOD - [2011-07-04 18:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 18:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 18:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 18:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 18:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-07-04 18:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\networkdao.dll
MOD - [2011-07-04 18:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
MOD - [2011-06-18 11:08:08 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll
MOD - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-06-01 19:28:18 | 001,234,360 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll
MOD - [2011-06-01 19:28:14 | 001,545,144 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
MOD - [2011-05-15 23:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Program Files\CrossriderWebApps\Crossrider.exe
MOD - [2011-04-25 17:03:43 | 001,213,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2011-04-25 17:03:43 | 000,919,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2011-04-25 17:03:42 | 011,083,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2011-04-25 17:03:42 | 001,992,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2011-04-16 04:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-03-03 07:53:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011-02-17 10:00:46 | 000,327,680 | ---- | M] (http://hunspell.sourceforge.net/) -- C:\Program Files\Gadu-Gadu 10\libhunspell.dll
MOD - [2011-02-17 10:00:44 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Gadu-Gadu 10\dbghelp.dll
MOD - [2011-02-17 10:00:44 | 000,319,488 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\Gadu-Gadu 10\libcurl.dll
MOD - [2011-02-17 10:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 10:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 10:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 10:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 10:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 10:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 09:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 09:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 09:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 09:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 09:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 09:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu 10\libeay32.dll
MOD - [2011-02-17 09:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu 10\ssleay32.dll
MOD - [2011-02-17 09:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2011-02-08 14:33:57 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2011-01-21 15:42:25 | 008,492,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-22 13:32:24 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010-12-20 18:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010-12-20 18:24:12 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010-12-09 16:15:52 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-11-09 15:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010-10-23 01:47:24 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
MOD - [2010-08-23 17:12:55 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010-08-16 09:43:34 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2010-06-30 13:25:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2010-06-14 08:40:29 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2010-04-16 16:38:53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2010-03-18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010-03-18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010-03-18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010-03-18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010-03-18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010-03-18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010-03-18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2009-12-24 08:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-10-13 11:34:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-12 14:40:13 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-12 14:40:13 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-09-11 15:15:45 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-09-04 22:05:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-08-06 18:24:10 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wups2.dll
MOD - [2009-08-06 18:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-07-27 23:23:50 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-07-17 20:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-07-17 17:17:57 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-07-12 00:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-07-12 00:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2009-06-25 09:42:23 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-06-25 09:42:23 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-06-10 07:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-06-09 22:45:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2009-06-09 22:45:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2009-06-09 22:45:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2009-06-09 22:45:00 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll
MOD - [2009-06-09 22:45:00 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009-06-09 22:45:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2009-06-09 22:45:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2009-06-09 22:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2009-06-09 22:45:00 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-06-09 22:45:00 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-06-09 22:45:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2009-06-09 22:45:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2009-06-09 22:45:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2009-06-09 22:45:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2009-06-09 22:45:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2009-06-09 22:45:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-06-09 22:45:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2009-06-09 22:45:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2009-06-09 22:45:00 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2009-06-09 22:45:00 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2009-06-09 22:45:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2009-06-09 22:45:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2009-06-09 22:45:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2009-06-09 22:45:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2009-06-09 22:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2009-06-09 22:45:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2009-06-09 22:45:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2009-06-09 22:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-06-09 22:45:00 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-06-09 22:45:00 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2009-06-09 22:45:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2009-06-09 22:45:00 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2009-06-09 22:45:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2009-06-09 22:45:00 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpob2res.dll
MOD - [2009-06-09 22:45:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2009-06-09 22:45:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2009-06-09 22:45:00 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009-06-09 22:45:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2009-06-09 22:45:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2009-06-09 22:45:00 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2009-06-09 22:45:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-06-09 22:45:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2009-06-09 22:45:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2009-06-09 22:45:00 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2009-06-09 22:45:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2009-06-09 22:45:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2009-06-09 22:45:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2009-06-09 22:45:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2009-06-09 22:45:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2009-06-09 22:45:00 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2009-06-09 22:45:00 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-06-09 22:45:00 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledeviceapi.dll
MOD - [2009-06-09 22:45:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2009-06-09 22:45:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddraw.dll
MOD - [2009-06-09 22:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2009-06-09 22:45:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2009-06-09 22:45:00 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2009-06-09 22:45:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2009-06-09 22:45:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2009-06-09 22:45:00 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2009-06-09 22:45:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2009-06-09 22:45:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2009-06-09 22:45:00 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-06-09 22:45:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-06-09 22:45:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2009-06-09 22:45:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2009-06-09 22:45:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2009-06-09 22:45:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2009-06-09 22:45:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2009-06-09 22:45:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2009-06-09 22:45:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2009-06-09 22:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2009-06-09 22:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2009-06-09 22:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2009-06-09 22:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2009-06-09 22:45:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2009-06-09 22:45:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2009-06-09 22:45:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2009-06-09 22:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2009-06-09 22:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2009-06-09 22:45:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2009-06-09 22:45:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2009-06-09 22:45:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2009-06-09 22:45:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2009-06-09 22:45:00 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledevicetypes.dll
MOD - [2009-06-09 22:45:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2009-06-09 22:45:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2009-06-09 22:45:00 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2009-06-09 22:45:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2009-06-09 22:45:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2009-06-09 22:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2009-06-09 22:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2009-06-09 22:45:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2009-06-09 22:45:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2009-06-09 22:45:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2009-06-09 22:45:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2009-06-09 22:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpdshserviceobj.dll
MOD - [2009-06-09 22:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2009-06-09 22:45:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2009-06-09 22:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2009-06-09 22:45:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2009-06-09 22:45:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2009-06-09 22:45:00 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll
MOD - [2009-06-09 22:45:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2009-06-09 22:45:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2009-06-09 22:45:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2009-06-09 22:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-06-09 22:45:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2009-06-09 22:45:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2009-06-09 22:45:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2009-06-09 22:45:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2009-06-09 22:45:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2009-06-09 22:45:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2009-06-09 22:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2009-06-09 22:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2009-06-09 22:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2009-06-09 22:45:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2009-06-09 22:45:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2009-06-09 22:45:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2009-06-09 22:45:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2009-06-09 22:45:00 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mydocs.dll
MOD - [2009-06-09 22:45:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2009-06-09 22:45:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2009-06-09 22:45:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2009-06-09 22:45:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2009-06-09 22:45:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2009-06-09 22:45:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2009-06-09 22:45:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2009-06-09 22:45:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2009-06-09 22:45:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2009-06-09 22:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2009-06-09 22:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2009-06-09 22:45:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2009-06-09 22:45:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2009-06-09 22:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2009-06-09 22:45:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2009-06-09 22:45:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2009-06-09 22:45:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2009-06-09 22:45:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2009-06-09 22:45:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2009-06-09 22:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2009-06-09 22:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2009-06-09 22:45:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2009-06-09 22:45:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2009-06-09 22:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2009-06-09 22:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2009-06-09 22:45:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2009-06-09 22:45:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2009-06-09 22:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2009-06-09 22:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2009-06-09 22:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2009-06-09 22:45:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2009-06-09 22:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2009-06-09 22:45:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2009-06-09 22:45:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2009-06-09 22:45:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2009-06-09 22:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2009-06-09 22:45:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2009-06-09 22:45:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2009-06-09 22:45:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2009-06-09 22:45:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2009-06-09 22:45:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2009-06-09 22:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2009-06-09 22:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2009-06-09 22:45:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2009-06-09 22:45:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2009-06-09 22:45:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2009-06-09 22:45:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2009-06-09 22:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2009-06-09 22:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2009-06-09 22:45:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2009-06-09 22:45:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2009-06-09 22:45:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2009-06-09 22:45:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2009-06-09 22:45:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2009-06-09 22:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2009-06-09 22:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2009-06-09 22:45:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2009-06-09 22:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2009-06-09 22:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2009-06-09 22:45:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2009-06-09 22:45:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2009-06-09 22:45:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2009-06-09 22:45:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2009-06-09 22:45:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2009-06-09 22:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2009-06-09 22:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2009-06-09 22:45:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2009-06-09 22:45:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2009-06-09 22:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2009-06-09 22:45:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2009-06-09 22:45:00 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2009-06-09 22:45:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2009-06-09 22:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2009-06-09 22:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2009-06-09 22:45:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2009-06-09 22:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2009-06-09 22:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2009-06-09 22:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2009-06-09 22:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2009-06-09 22:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2009-06-09 22:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2009-06-09 22:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2009-06-09 22:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2009-06-09 22:45:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2009-06-09 22:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2009-06-09 22:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2009-06-09 22:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2009-06-09 22:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2009-06-09 22:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2009-06-09 22:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2009-06-09 22:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
MOD - [2009-06-09 22:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2009-06-09 22:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2009-06-09 22:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2009-06-09 22:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2009-06-09 22:45:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2009-06-09 22:45:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2009-06-09 22:45:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2009-06-09 22:45:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2009-06-09 22:45:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2009-06-09 22:45:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2009-06-09 22:45:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2009-06-09 22:45:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll
MOD - [2009-06-09 22:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2009-06-09 22:45:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2009-06-09 22:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2009-06-09 22:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2009-06-09 22:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2009-06-09 22:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2009-06-09 22:45:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2009-06-09 22:45:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-05-19 05:33:20 | 004,445,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-14 19:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
MOD - [2008-04-14 17:21:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2007-06-13 00:34:48 | 000,217,088 | ---- | M] () -- C:\Program Files\office keyboard driver\Hotkey.exe
MOD - [2007-06-02 14:11:40 | 000,114,688 | ---- | M] () -- C:\Program Files\office keyboard driver\IKey.dll
MOD - [2007-04-16 11:58:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
MOD - [2007-02-13 15:20:50 | 001,205,840 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
MOD - [2006-11-27 13:20:36 | 000,094,208 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\Languages\polish.dll
MOD - [2006-03-23 12:32:32 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
MOD - [2005-09-23 06:28:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2005-03-08 00:03:28 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-10-30 13:46:51 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-03-18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-09-25 14:27:20 | 000,012,952 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2007-04-25 12:50:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007-01-04 12:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2007-01-04 12:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys)
DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 531034517
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=2&q="
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\crossriderapp1466@crossrider.com: C:\Documents and Settings\All Users\Dane aplikacji\SendSpaceExtention\firefox [2011-10-16 15:02:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-07-03 19:33:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-02 15:08:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\u\Dane aplikacji\IDM\idmmzcc5

[2011-06-18 11:16:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Extensions
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions
[2011-11-18 09:57:06 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011-11-18 09:57:11 | 000,000,000 | ---D | M] (butterscotch Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}
[2011-11-18 09:57:17 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-08-09 14:09:48 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2011-07-15 22:22:30 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011-07-15 23:28:13 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com
[2011-09-25 14:19:44 | 000,002,566 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\askcom.xml
[2011-08-27 18:09:44 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\conduit.xml
[2011-08-09 14:09:21 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SearchResults.xml
[2011-07-15 22:23:47 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SweetIM Search.xml
[2011-07-15 22:21:59 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\sweetim.xml
[2011-12-28 20:39:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-16 15:38:14 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-06-18 11:08:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-07-15 23:51:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011-11-10 22:00:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011-11-20 15:20:15 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
[2011-10-16 15:02:33 | 000,000,000 | ---D | M] ("WX Download") -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\SENDSPACEEXTENTION\FIREFOX
() (No name found) -- C:\DOCUMENTS AND SETTINGS\U\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6ZHH3PM6.DEFAULT\EXTENSIONS\{DB9127A2-3381-41EC-82B3-1B6ED4C6F29A}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\U\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6ZHH3PM6.DEFAULT\EXTENSIONS\YTVDW@PGPORT.COM.XPI
[2011-08-09 14:10:06 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\BEARSHARE APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
[2011-06-18 11:08:12 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-03-18 19:04:29 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-07-12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010-01-01 09:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-02-11 17:24:58 | 000,002,275 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\aolsearch.xml
[2010-01-01 09:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011-07-15 23:28:31 | 000,002,051 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicla.xml
[2010-01-01 09:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 09:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-09 14:09:21 | 000,002,493 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2010-01-01 09:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 09:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: My Global Search Plugin Stub (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Marc Ecko = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\
CHR - Extension: Gmail = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-09 22:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files\CrossriderWebApps\Crossrider.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [Hotkey] C:\Program Files\office keyboard driver\Hotkey.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O4 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003..\Run: [CrossRiderPlugin] C:\Program Files\CrossriderWebApps\Crossrider.exe (Crossrider)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\u\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\u\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8E04FDC-BED6-4BCF-92DE-6A887ABF9EDC}: NameServer = 62.233.233.233 87.204.204.204
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-06-15 18:43:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7889d2c1-e48b-11e0-9009-4d6564696130}\Shell - "" = AutoRun
O33 - MountPoints2\{7889d2c1-e48b-11e0-9009-4d6564696130}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-02-04 18:04:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Pulpit\advanced-anti-keylogger
[2012-02-04 16:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012-02-04 16:13:15 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-02-04 14:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2012-02-04 14:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\ESET
[2012-02-02 18:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Deluxe Ski Jump 4
[2012-02-02 17:32:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012-02-02 14:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Dane aplikacji\Malwarebytes
[2012-02-02 14:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-02-02 14:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-02-02 14:48:38 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-02-02 14:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-02-01 19:04:35 | 000,000,000 | ---D | C] -- C:\rsit
[2012-02-01 18:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012-01-29 22:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Menu Start\Programy\Tiveria
[2012-01-29 21:29:30 | 000,027,904 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\VIAAGP1.SYS
[2012-01-29 21:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\WINDOWS
[2012-01-24 17:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2012-01-24 17:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Pulpit\18153785
[2012-01-22 19:17:28 | 000,000,000 | ---D | C] -- C:\vcs5BGEffects
[2012-01-22 19:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Menu Start\Programy\Voice Changer Software DIAMOND
[2012-01-08 19:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Dane aplikacji\Notepad++
[2012-01-02 14:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2011-12-28 20:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Dane aplikacji\Search Settings
[2011-12-28 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011-12-28 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2011-12-28 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011-12-20 20:04:14 | 000,000,000 | ---D | C] -- C:\tmp
[2011-12-20 20:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Menu Start\Programy\Wirtualna Polska
[2011-12-20 19:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Dane aplikacji\teamspeak2
[2011-12-20 18:52:43 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2011-12-20 18:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Teamspeak2 RC2
[2011-12-20 18:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Teamspeak2_RC2
[2011-12-14 15:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\PMB Files
[2011-12-14 15:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2011-12-14 15:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011-12-11 20:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\cFos
[2011-12-11 20:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\cFos
[2011-12-09 21:37:58 | 000,000,000 | RH-D | C] -- C:\AHCache
[2011-07-15 23:09:56 | 003,486,088 | ---- | C] (Ask) -- C:\Program Files\Common Files\ApnToolbarInstaller.exe
[2011-07-15 23:09:54 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\ApnStub.exe
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-02-05 10:48:26 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-05 10:48:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-02-04 22:47:02 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-02-04 16:30:58 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-02-04 15:10:04 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\u\.recently-used.xbel
[2012-02-04 13:46:05 | 003,006,764 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\loll.wav
[2012-02-03 22:26:33 | 137,917,484 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\ts3_recording_12_02_03_22_14_30.wav
[2012-02-02 17:32:45 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-02-02 14:48:41 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-02-02 14:47:33 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-01-31 18:25:56 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Statistic Reader.lnk
[2012-01-31 14:59:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-01-29 23:05:15 | 000,515,660 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-01-29 23:05:15 | 000,455,376 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-01-29 23:05:15 | 000,095,664 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-01-29 23:05:15 | 000,075,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-01-26 13:38:40 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2012-01-24 17:51:17 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-01-24 17:51:17 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-01-05 22:58:06 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Makefile.win
[2012-01-05 22:55:58 | 000,475,678 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Projekt1.exe
[2012-01-01 15:41:06 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-20 20:33:28 | 008,952,344 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\SkajpajByBrock.wav
[2011-12-20 18:52:43 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2011-12-20 18:52:35 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Teamspeak 2 RC2.lnk
[2011-12-10 23:43:15 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Skrót do metin2.lnk
[2011-12-10 22:12:22 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Mp-Hacks Ghetto sXe 1.0.lnk
[2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-02-04 15:10:04 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\u\.recently-used.xbel
[2012-02-04 13:45:49 | 003,006,764 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\loll.wav
[2012-02-03 22:14:34 | 137,917,484 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\ts3_recording_12_02_03_22_14_30.wav
[2012-02-02 14:48:41 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-01-31 18:25:56 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Statistic Reader.lnk
[2012-01-24 17:51:17 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-01-24 17:51:17 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-01-24 17:50:27 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2011-12-20 20:30:04 | 008,952,344 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\SkajpajByBrock.wav
[2011-12-20 18:52:35 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Teamspeak 2 RC2.lnk
[2011-12-10 23:43:15 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Skrót do metin2.lnk
[2011-12-10 22:10:35 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Mp-Hacks Ghetto sXe 1.0.lnk
[2011-10-23 20:28:48 | 000,412,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1292428093-1482476501-1417001333-1003-0.dat
[2011-10-23 20:28:47 | 000,202,630 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-10-16 18:14:09 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2011-10-14 22:37:47 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2011-09-21 22:01:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011-08-30 11:43:49 | 000,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2011-08-30 11:43:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2011-08-30 11:43:34 | 000,253,008 | ---- | C] () -- C:\WINDOWS\adirasx64.exe
[2011-08-30 11:43:34 | 000,194,128 | ---- | C] () -- C:\WINDOWS\adiras.exe
[2011-08-30 11:43:32 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\IPDETECT.EXE
[2011-08-30 11:43:27 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P2.BIN
[2011-08-30 11:43:21 | 000,176,128 | ---- | C] () -- C:\WINDOWS\autoclk.exe
[2011-08-30 11:43:21 | 000,024,576 | ---- | C] () -- C:\WINDOWS\enddisk32.exe
[2011-08-30 11:43:20 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2011-08-30 11:43:17 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2011-08-30 11:43:15 | 000,152,308 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I2.BIN
[2011-08-30 11:43:15 | 000,152,306 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I1.BIN
[2011-08-30 11:43:15 | 000,152,306 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I0.BIN
[2011-08-30 11:43:15 | 000,152,146 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P2.BIN
[2011-08-30 11:43:15 | 000,152,145 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P1.BIN
[2011-08-30 11:43:15 | 000,152,145 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P0.BIN
[2011-08-30 11:43:14 | 000,152,036 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D2.BIN
[2011-08-30 11:43:14 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D1.BIN
[2011-08-30 11:43:14 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D0.BIN
[2011-08-30 11:43:14 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin
[2011-08-30 11:43:12 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P0.BIN
[2011-08-30 11:43:12 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I2.BIN
[2011-08-30 11:43:11 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P1.BIN
[2011-08-30 11:43:10 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I1.BIN
[2011-08-30 11:43:06 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I0.BIN
[2011-08-30 11:24:11 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2011-07-26 20:14:34 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2011-07-15 23:29:25 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011-07-15 19:16:59 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-03 19:39:38 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011-07-03 19:34:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-06-18 12:23:06 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-06-18 11:16:46 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-06-18 11:03:25 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-06-18 11:03:24 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-06-18 11:03:19 | 000,631,808 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-06-18 11:03:18 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-06-18 11:03:16 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-06-16 15:39:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-06-16 15:37:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011-06-15 20:26:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-06-15 20:23:59 | 000,192,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-06-15 18:51:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-06-15 18:37:45 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009-06-09 22:45:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009-06-09 22:45:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009-06-09 22:45:00 | 000,515,660 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2009-06-09 22:45:00 | 000,455,376 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009-06-09 22:45:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2009-06-09 22:45:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009-06-09 22:45:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009-06-09 22:45:00 | 000,095,664 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2009-06-09 22:45:00 | 000,075,350 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009-06-09 22:45:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009-06-09 22:45:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2009-06-09 22:45:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009-06-09 22:45:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009-06-09 22:45:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009-06-09 22:45:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009-06-09 22:45:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008-08-28 12:19:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\IsDRM.dll
[2008-08-28 12:16:00 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\AudioConverter.dll
[2005-11-06 00:34:50 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe
[2005-05-17 21:37:10 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\Faac.exe
[2002-09-17 23:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2002-07-19 17:48:22 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\OggEnc.exe
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2011-08-09 14:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\830D
[2011-08-09 19:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-02-02 14:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-11-20 16:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2011-08-09 14:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2011-12-11 20:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\cFos
[2011-11-20 16:34:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-09-21 21:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-11-20 16:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy Driver Pro
[2012-01-02 14:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2011-07-29 16:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FlyVPN
[2011-06-19 12:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-10-16 15:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2011-06-24 12:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-07-15 21:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-08-09 19:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\page
[2011-12-14 15:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2011-10-16 15:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium
[2011-10-16 15:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SendSpaceExtention
[2011-07-16 10:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-10-14 20:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ticno
[2011-07-16 10:53:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
[2012-01-18 16:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\.minecraft
[2011-08-09 19:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Ashampoo
[2011-07-15 21:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\BeSpotted
[2011-07-15 18:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\BITS
[2011-10-14 20:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Breakpad
[2011-08-09 14:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\bsbandmltbpi
[2011-11-20 15:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\DAEMON Tools Lite
[2012-01-31 20:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Dev-Cpp
[2011-08-08 13:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\DMCache
[2011-07-16 10:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\facemoods.com
[2012-01-04 17:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\FileZilla
[2011-07-03 19:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\FlashGet
[2011-07-03 19:31:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\FlashGetBHO
[2011-06-21 17:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Gadu-Gadu 10
[2011-07-15 22:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\GetRightToGo
[2011-06-16 15:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\GHISLER
[2012-02-04 15:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\gtk-2.0
[2011-11-06 17:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\IDM
[2011-10-14 20:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Installer
[2011-07-03 19:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\IObit
[2011-08-09 14:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\mediabarbs
[2011-10-05 21:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Mumble
[2011-08-30 11:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Netia
[2012-01-28 19:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Notepad++
[2011-08-03 00:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\ObviousIdea
[2011-07-15 23:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\OpenCandy
[2011-07-15 21:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\OpenFM
[2012-01-08 20:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\QuickStoresToolbar
[2011-12-28 20:40:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Search Settings
[2011-10-14 22:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Ticno
[2011-10-02 10:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\TS3Client
[2011-08-03 23:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\XnView

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6900017D
< End of report >

OTL Extras logfile created on: 2012-02-05 11:09:35 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\u\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

958,42 Mb Total Physical Memory | 359,87 Mb Available Physical Memory | 37,55% Memory free
2,26 Gb Paging File | 1,79 Gb Available in Paging File | 79,25% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 2,57 Gb Free Space | 17,55% Space Free | Partition Type: NTFS
Drive D: | 17,76 Gb Total Space | 12,20 Gb Free Space | 68,69% Space Free | Partition Type: NTFS

Computer Name: G-07D8033E029C4 | User Name: u | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Przeglądaj w XnView] -- "C:\Program Files\XnView\xnview.exe" "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57955:TCP" = 57955:TCP:*:Enabled:Pando Media Booster
"57955:UDP" = 57955:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57955:TCP" = 57955:TCP:*:Enabled:Pando Media Booster
"57955:UDP" = 57955:UDP:*:Enabled:Pando Media Booster

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 -- (GG Network S.A.)
"D:\Program Files\Counter-Strike\cstrike.exe" = D:\Program Files\Counter-Strike\cstrike.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Metin2\metin2.bin" = C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2
"C:\Program Files\Metin2\metin2client.bin" = C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\Metin2_PL\metin2.bin" = D:\Program Files\Metin2_PL\metin2.bin:*:Enabled:metin2
"D:\Program Files\AriusMT2\metin2client.bin" = D:\Program Files\AriusMT2\metin2client.bin:*:Enabled:metin2client
"C:\Program Files\Metin2\metin2mod_2011sf.exe" = C:\Program Files\Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf
"D:\Program Files\Kaladar\Kaladar.exe" = D:\Program Files\Kaladar\Kaladar.exe:*:Enabled:Kaladar
"C:\Program Files\Metin2\Kaladar.exe" = C:\Program Files\Metin2\Kaladar.exe:*:Enabled:Kaladar
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Documents and Settings\u\Ustawienia lokalne\Temp\NevrasT.bin" = C:\Documents and Settings\u\Ustawienia lokalne\Temp\NevrasT.bin:*:Enabled:NevrasT
"C:\Program Files\Metin2\Venise.exe" = C:\Program Files\Metin2\Venise.exe:*:Enabled:Venise
"D:\Program Files\Venise\Venise.exe" = D:\Program Files\Venise\Venise.exe:*:Enabled:Venise
"C:\Documents and Settings\u\Moje dokumenty\Downloads\Programs\SweetImSetup.exe" = C:\Documents and Settings\u\Moje dokumenty\Downloads\Programs\SweetImSetup.exe:*:Enabled:SweetIM Installer
"C:\Documents and Settings\u\Ustawienia lokalne\Temp\SweetIMReinstall\SweetImSetup.exe" = C:\Documents and Settings\u\Ustawienia lokalne\Temp\SweetIMReinstall\SweetImSetup.exe:*:Enabled:SweetIM Installer
"C:\Program Files\Metin2x\metin2.bin" = C:\Program Files\Metin2x\metin2.bin:*:Enabled:metin2
"C:\Program Files\Metin2x\metin2client.bin" = C:\Program Files\Metin2x\metin2client.bin:*:Enabled:metin2client
"C:\Program Files\Metin2x\Erathia.exe" = C:\Program Files\Metin2x\Erathia.exe:*:Enabled:Erathia
"D:\Program Files\Erathia\Erathia\metin2client.exe.exe" = D:\Program Files\Erathia\Erathia\metin2client.exe.exe:*:Enabled:metin2client.exe
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe" = C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service
"C:\Program Files\Common Files\aol\1311702059\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1311702059\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
"C:\Program Files\AOL 9.5\waol.exe" = C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL
"D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\Metin5_S2.exe" = D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\Metin5_S2.exe:*:Enabled:Metin5_S2
"D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\metin2.bin" = D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\metin2.bin:*:Enabled:Customizable 2010 Client Launcher
"D:\Program Files\Metin5.S2.07.02.2011\Metin5_S2.exe" = D:\Program Files\Metin5.S2.07.02.2011\Metin5_S2.exe:*:Enabled:Metin5_S2
"C:\Program Files\Metin2\Longju.exe" = C:\Program Files\Metin2\Longju.exe:*:Enabled:Longju
"D:\Program Files\Erathia\Erathia\metin2.bin" = D:\Program Files\Erathia\Erathia\metin2.bin:*:Enabled:metin2
"C:\Program Files\BearShare\BearShare.exe" = C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare
"C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe" = C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)
"D:\Program Files\imt2\InsanityMT2\InsanityMT2.exe" = D:\Program Files\imt2\InsanityMT2\InsanityMT2.exe:*:Enabled:InsanityMT2
"C:\Program Files\Metin2\InsanityMT2.exe" = C:\Program Files\Metin2\InsanityMT2.exe:*:Enabled:InsanityMT2
"D:\Program Files\InsanityMT2\InsanityMT2.exe" = D:\Program Files\InsanityMT2\InsanityMT2.exe:*:Enabled:InsanityMT2
"D:\Program Files\AtlantisMT2\metin2.bin" = D:\Program Files\AtlantisMT2\metin2.bin:*:Enabled:metin2
"D:\Program Files\Alceria\alcpr.bin" = D:\Program Files\Alceria\alcpr.bin:*:Enabled:alcpr
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Metin2\metin2.exe" = C:\Program Files\Metin2\metin2.exe:*:Enabled:metin2
"D:\Program Files\utorrent.exe" = D:\Program Files\utorrent.exe:*:Enabled:µTorrent
"D:\Program Files\Evenar\metin2client.bin" = D:\Program Files\Evenar\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\Evenar\Erdiana.pl.exe" = D:\Program Files\Evenar\Erdiana.pl.exe:*:Enabled:Erdiana.pl
"C:\Program Files\Metin2\Erdiana.pl.exe" = C:\Program Files\Metin2\Erdiana.pl.exe:*:Enabled:Erdiana.pl
"D:\Program Files\Client\metin2clientexe.exe" = D:\Program Files\Client\metin2clientexe.exe:*:Enabled:metin2clientexe
"D:\Program Files\Evenar\Elestium.exe" = D:\Program Files\Evenar\Elestium.exe:*:Enabled:Elestium
"D:\Program Files\Evenar\metin2.bin" = D:\Program Files\Evenar\metin2.bin:*:Enabled:metin2
"D:\Program Files\CavalosMT2\patch.bin" = D:\Program Files\CavalosMT2\patch.bin:*:Enabled:patch
"D:\Program Files\CavalosMT2\Launcher.exe" = D:\Program Files\CavalosMT2\Launcher.exe:*:Enabled:Launcher
"D:\Program Files\CavalosMT2\metin2mod_2011sf.exe" = D:\Program Files\CavalosMT2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf
"C:\Program Files\Metin2Pl\metin2.exe" = C:\Program Files\Metin2Pl\metin2.exe:*:Enabled:metin2 -- ()
"C:\Program Files\Metin2Pl\metin2.bin" = C:\Program Files\Metin2Pl\metin2.bin:*:Enabled:metin2 -- ()
"C:\Program Files\Metin2Pl\metin2client.bin" = C:\Program Files\Metin2Pl\metin2client.bin:*:Enabled:metin2client -- ()
"D:\Program Files\Tiveria\game.bin" = D:\Program Files\Tiveria\game.bin:*:Enabled:game
"D:\Program Files\Klient Divine World\metin2.bin" = D:\Program Files\Klient Divine World\metin2.bin:*:Enabled:metin2
"D:\Program Files\Klient Divine World\DivineWorld.exe" = D:\Program Files\Klient Divine World\DivineWorld.exe:*:Enabled:DivineWorld
"D:\Program Files\XenoxMt2\XenoxMT2 Launcher.exe" = D:\Program Files\XenoxMt2\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher
"D:\Program Files\DivineWorld\DivineWorld.exe" = D:\Program Files\DivineWorld\DivineWorld.exe:*:Enabled:DivineWorld
"D:\Program Files\Klient Divine World\metin2client.bin" = D:\Program Files\Klient Divine World\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\Airo\AiroClient.bin" = D:\Program Files\Airo\AiroClient.bin:*:Enabled:AiroClient
"D:\Program Files\Airo\metin2client.bin" = D:\Program Files\Airo\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\DivineWorld\EternalMT2.exe" = D:\Program Files\DivineWorld\EternalMT2.exe:*:Enabled:EternalMT2
"D:\Program Files\DivineWorld\Nexusmt2 Uruchom.exe" = D:\Program Files\DivineWorld\Nexusmt2 Uruchom.exe:*:Enabled:Nexusmt2 Uruchom
"D:\Program Files\UnlimitedWorld-Client\UnlimitedWorld.exe" = D:\Program Files\UnlimitedWorld-Client\UnlimitedWorld.exe:*:Enabled:UnlimitedWorld
"D:\Program Files\Abyss\Metin2\abyss.exe" = D:\Program Files\Abyss\Metin2\abyss.exe:*:Enabled:abyss
"D:\Program Files\EA GAMES\Battlefield 2\BF2.exe" = D:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2
"D:\Program Files\EA GAMES\Battlefield 2\Bf2_w32ded.exe" = D:\Program Files\EA GAMES\Battlefield 2\Bf2_w32ded.exe:*:Enabled:Bf2_w32ded
"D:\Program Files\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe" = D:\Program Files\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe:*:Enabled:BF2VoipServer_w32ded
"D:\Program Files\DivineWorld\metin2client.bin" = D:\Program Files\DivineWorld\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\UnlimitedWorld-Client\Aventer.exe" = D:\Program Files\UnlimitedWorld-Client\Aventer.exe:*:Enabled:Aventer
"D:\Program Files\UnlimitedWorld-Client\metin2client.bin" = D:\Program Files\UnlimitedWorld-Client\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\UnlimitedWorld-Client\metin2client1.exe" = D:\Program Files\UnlimitedWorld-Client\metin2client1.exe:*:Enabled:metin2client1
"D:\Program Files\DivineWorld\Aventer.exe" = D:\Program Files\DivineWorld\Aventer.exe:*:Enabled:Aventer
"D:\Program Files\New Beginning\Aventer.exe" = D:\Program Files\New Beginning\Aventer.exe:*:Enabled:Aventer
"D:\Program Files\UnlimitedWorld-Client\SSMt2.exe" = D:\Program Files\UnlimitedWorld-Client\SSMt2.exe:*:Enabled:SSMt2
"C:\Program Files\Common Files\aol\1321607345\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1321607345\ee\aolsoftware.exe:*:Enabled:AOL Shared Components
"D:\Program Files\Metin2 Singapore\metin2.bin" = D:\Program Files\Metin2 Singapore\metin2.bin:*:Enabled:metin2
"D:\Program Files\nb\New Beginning\Leiria.exe.exe" = D:\Program Files\nb\New Beginning\Leiria.exe.exe:*:Enabled:Leiria.exe
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"D:\Program Files\New Beginning\metin2.bin" = D:\Program Files\New Beginning\metin2.bin:*:Enabled:metin2
"D:\Program Files\New Beginning\metin2client.bin" = D:\Program Files\New Beginning\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\New Beginning\wmdc.bin" = D:\Program Files\New Beginning\wmdc.bin:*:Enabled:wmdc
"D:\Program Files\New Beginning\Sevoris.pl.exe" = D:\Program Files\New Beginning\Sevoris.pl.exe:*:Enabled:Sevoris.pl
"D:\Program Files\nb\New Beginning\Sevoris.pl.exe" = D:\Program Files\nb\New Beginning\Sevoris.pl.exe:*:Enabled:Sevoris.pl
"D:\Program Files\New Beginning\AnxoMT2.exe" = D:\Program Files\New Beginning\AnxoMT2.exe:*:Enabled:AnxoMT2
"D:\Program Files\New Beginning\metin2client.exe" = D:\Program Files\New Beginning\metin2client.exe:*:Enabled:metin2client
"D:\Program Files\nb\New Beginning\metin2client.exe" = D:\Program Files\nb\New Beginning\metin2client.exe:*:Enabled:metin2client
"D:\Program Files\nb\xd\metin2client.exe" = D:\Program Files\nb\xd\metin2client.exe:*:Enabled:metin2client
"D:\Program Files\nb\xd\Leiria.exe.exe" = D:\Program Files\nb\xd\Leiria.exe.exe:*:Enabled:Leiria.exe
"D:\Program Files\nb\xd\metin2client.bin" = D:\Program Files\nb\xd\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\New Beginning\Venise s2.exe" = D:\Program Files\New Beginning\Venise s2.exe:*:Enabled:Venise s2
"C:\Documents and Settings\u\Pulpit\ECC5_2\ECC\Blackshades server.exe" = C:\Documents and Settings\u\Pulpit\ECC5_2\ECC\Blackshades server.exe:*:Enabled:Windows Messanger
"C:\Documents and Settings\u\Dane aplikacji\winupdate34.exe" = C:\Documents and Settings\u\Dane aplikacji\winupdate34.exe:*:Enabled:Windows Messanger
"D:\Program Files\New Beginning\Używać Przy Problemach z AutoPatcherem.exe" = D:\Program Files\New Beginning\Używać Przy Problemach z AutoPatcherem.exe:*:Enabled:Używać Przy Problemach z AutoPatcherem
"D:\Program Files\New Beginning\Anadia.exe" = D:\Program Files\New Beginning\Anadia.exe:*:Enabled:Anadia
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Program Files\New Beginning\Atlantica.exe" = D:\Program Files\New Beginning\Atlantica.exe:*:Enabled:Atlantica
"D:\Program Files\New Beginning\starter.exe" = D:\Program Files\New Beginning\starter.exe:*:Enabled:starter
"D:\Program Files\patcher\patcher\metin2.bin" = D:\Program Files\patcher\patcher\metin2.bin:*:Enabled:metin2
"D:\Program Files\New Beginning\Play Free.exe" = D:\Program Files\New Beginning\Play Free.exe:*:Enabled:Play Free
"D:\Program Files\patcher\patcher\Play Free.exe" = D:\Program Files\patcher\patcher\Play Free.exe:*:Enabled:Play Free
"D:\Program Files\Metin2Pl\Play Free.exe" = D:\Program Files\Metin2Pl\Play Free.exe:*:Enabled:Play Free
"D:\Program Files\PlayFree\Play Free.exe" = D:\Program Files\PlayFree\Play Free.exe:*:Enabled:Play Free
"D:\Program Files\PlayFree\ReactiveMt2 Launcher.exe" = D:\Program Files\PlayFree\ReactiveMt2 Launcher.exe:*:Enabled:ReactiveMt2 Launcher
"D:\Program Files\ReactiveMt2\Reactivemt2.exe" = D:\Program Files\ReactiveMt2\Reactivemt2.exe:*:Enabled:Reactivemt2
"D:\Program Files\ReactiveMt2\Launcher.exe" = D:\Program Files\ReactiveMt2\Launcher.exe:*:Enabled:Launcher
"D:\Program Files\patcher\metin2.bin" = D:\Program Files\patcher\metin2.bin:*:Enabled:metin2
"D:\Program Files\Metin2Pl\Elveron.exe" = D:\Program Files\Metin2Pl\Elveron.exe:*:Enabled:Elveron
"D:\Program Files\patcher\metin2client.bin" = D:\Program Files\patcher\metin2client.bin:*:Enabled:metin2client
"D:\Program Files\patcher\metin2mod_2011sf.exe" = D:\Program Files\patcher\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf
"D:\Program Files\patcher\Tenadia.exe" = D:\Program Files\patcher\Tenadia.exe:*:Enabled:Tenadia
"D:\Program Files\patcher\Metin2.exe" = D:\Program Files\patcher\Metin2.exe:*:Enabled:Metin2
"D:\Program Files\patcher\PandoraMT2.exe" = D:\Program Files\patcher\PandoraMT2.exe:*:Enabled:PandoraMT2
"D:\Program Files\Andelios\metin2.bin" = D:\Program Files\Andelios\metin2.bin:*:Enabled:metin2
"D:\Program Files\Andelios\metin2.exe" = D:\Program Files\Andelios\metin2.exe:*:Enabled:metin2
"D:\Program Files\patcher\ReactiveMt2 Launcher.exe" = D:\Program Files\patcher\ReactiveMt2 Launcher.exe:*:Enabled:ReactiveMt2 Launcher
"D:\Program Files\DevuxMT2\DevuxMT2.exe" = D:\Program Files\DevuxMT2\DevuxMT2.exe:*:Enabled:DevuxMT2
"D:\Program Files\DevuxMT2\ReactiveMt2 Launcher.exe" = D:\Program Files\DevuxMT2\ReactiveMt2 Launcher.exe:*:Enabled:ReactiveMt2 Launcher
"D:\Program Files\Metin2Pl\Melleur^Beta.exe" = D:\Program Files\Metin2Pl\Melleur^Beta.exe:*:Enabled:Melleur^Beta
"D:\Program Files\Metin2Pl\Freak2.exe" = D:\Program Files\Metin2Pl\Freak2.exe:*:Enabled:Freak2
"D:\Program Files\Metin2Pl\metin2.bin" = D:\Program Files\Metin2Pl\metin2.bin:*:Enabled:metin2
"D:\Program Files\Metin2Pl\Lexalia.pl.exe" = D:\Program Files\Metin2Pl\Lexalia.pl.exe:*:Enabled:Lexalia.pl


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 29
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{49FC50FC-F965-40D9-89B4-CBFF80941PLK}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0415-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Polish) 12
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{91C0B95B-B83A-4828-A775-BBE2DD421045}" = Nero 7 Ultra Edition
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A0F43BC6-E685-49CB-BF91-851F62628343}" = AudioCommander
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1045-7B44-AA0000000001}" = Adobe Reader X - Polish
"{AE613868-24C7-4f1f-A9C6-7B3B718ABDA5}" = IObit Toolbar v4.9
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{DF67E8C2-1D4C-44E1-93DC-7E26E2D74D00}" = MSXML 6.0 SDK
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"ASIO4ALL" = ASIO4ALL
"AudioCommander" = AudioCommander
"BearShare 2 MediaBar" = MediaBar
"Crossrider" = Crossrider Web Apps
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"facemoods" = facemoods
"Gadu-Gadu 10" = Gadu-Gadu 10
"GLVIEW3" = OpenGL Extensions Viewer 3.0
"Google Chrome" = Google Chrome
"Hardcore" = Hardcore
"Icy Tower v1.5_is1" = Icy Tower v1.5
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.1.2
"KM Wakeup" = KM Wakeup 1.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000
"Metin2" = Metin2
"Metin2_is1" = Metin2
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 4.0 (x86 pl)" = Mozilla Firefox 4.0 (x86 pl)
"Notatnik SP_is1" = Notatnik SP, ver 4.1
"office keyboard driver_is1" = office keyboard driver 2.0
"PoiZone" = PoiZone
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RealAlt_is1" = Real Alternative 2.0.2
"Sawer" = Sawer
"SpeedFan" = SpeedFan (remove only)
"SubEdit-Player_is1" = SubEdit-Player
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"VIA/S3G UniChrome Family Win2K/XP/Server2003 Display" = VIA/S3G Display Driver 6.14.10.0297
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.00 (32-bitowy)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike 1.6: New Era" = Counter-Strike 1.6: New Era
"Winamp Detect" = Winamp Detector Plug-in

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2011-11-21 11:30:17 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-11-24 14:23:44 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-11-26 11:21:07 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-11-27 07:08:45 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-11-28 14:40:22 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-11-29 16:05:51 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-11-30 10:13:41 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-12-01 12:25:06 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

Error - 2011-12-03 06:36:59 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.5512, moduł
powodujący błąd bonusswitcher by padmak (c) v1.5.2 (xp).dll, wersja 0.0.0.0, adres
błędu 0x0000307d.

Error - 2011-12-03 10:04:45 | Computer Name = G-07D8033E029C4 | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd hotkey.exe, wersja 1.0.0.1, moduł powodujący
błąd ikey.dll, wersja 1.0.0.1, adres błędu 0x000011a5.

[ System Events ]
Error - 2012-02-04 11:33:11 | Computer Name = G-07D8033E029C4 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2012-02-04 11:33:15 | Computer Name = G-07D8033E029C4 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2012-02-04 11:33:17 | Computer Name = G-07D8033E029C4 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2012-02-04 11:33:20 | Computer Name = G-07D8033E029C4 | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\D wystąpił zły blok.

Error - 2012-02-04 13:32:53 | Computer Name = G-07D8033E029C4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu: %%1058

Error - 2012-02-04 13:33:02 | Computer Name = G-07D8033E029C4 | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: gagp30kx ViaIde

Error - 2012-02-04 13:33:11 | Computer Name = G-07D8033E029C4 | Source = sr | ID = 1
Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001'
podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało
zatrzymane monitorowanie woluminu.

Error - 2012-02-04 15:17:47 | Computer Name = G-07D8033E029C4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu: %%1058

Error - 2012-02-04 15:18:06 | Computer Name = G-07D8033E029C4 | Source = System Error | ID = 1003
Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 805b1dc0, parametr
3 f5975ce4, parametr 4 00000000.

Error - 2012-02-05 05:48:23 | Computer Name = G-07D8033E029C4 | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (e4ldr.sys)
z powodu następującego błędu: %%1058


< End of report >
[/spoiler]


I jak co usunąć i jak?

Natsuki Kuga
komentarz
komentarz

Do OTL wklej:
[log]
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://home.sweetim.com"]http://home.sweetim.com[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://start.facemoo...earchTerms}&f=4"]http://start.facemoo...earchTerms}&f=4[/url]
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=2&q="
[2011-11-18 09:57:06 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011-11-18 09:57:11 | 000,000,000 | ---D | M] (butterscotch Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}
[2011-11-18 09:57:17 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-08-09 14:09:48 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2011-07-15 22:22:30 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011-07-15 23:28:13 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com
[2011-09-25 14:19:44 | 000,002,566 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\askcom.xml
[2011-08-27 18:09:44 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\conduit.xml
[2011-08-09 14:09:21 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SearchResults.xml
[2011-07-15 22:23:47 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SweetIM Search.xml
[2011-07-15 22:21:59 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\sweetim.xml
[2011-11-20 15:20:15 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)

:Files
C:\Program Files\Common Files\ApnToolbarInstaller.exe
C:\Program Files\Common Files\ApnStub.exe
C:\Documents and Settings\All Users\Dane aplikacji\830D
C:\Documents and Settings\u\Dane aplikacji\QuickStoresToolbar
C:\Documents and Settings\u\Dane aplikacji\Search Settings
C:\Program Files\MyGlobalSearch

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}"=-
"{37B85A29-692B-4205-9CAD-2626E4993404}"=-
"{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}"=-
"{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}"=-
"{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}"=-

:Commands
[emptytemp]
[/log]
[b]Wykonaj skrypt,[/b] pokaż raport.

Po wykonaniu pokaż nowe logi z OTL i RSIT.

  • Dobra wypowiedź 1
kahan32
komentarz
komentarz

Oto nowe logi z OTL I RSIT
[spoiler]OTL logfile created on: 2012-02-05 13:38:28 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\u\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

958,42 Mb Total Physical Memory | 560,32 Mb Available Physical Memory | 58,46% Memory free
2,26 Gb Paging File | 1,98 Gb Available in Paging File | 87,67% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 3,44 Gb Free Space | 23,46% Space Free | Partition Type: NTFS
Drive D: | 17,76 Gb Total Space | 12,20 Gb Free Space | 68,69% Space Free | Partition Type: NTFS

Computer Name: G-07D8033E029C4 | User Name: u | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-02-05 11:08:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\u\Moje dokumenty\Downloads\OTL.exe
PRC - [2012-01-20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011-10-03 05:06:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-06-01 19:28:14 | 001,545,144 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
PRC - [2011-05-15 23:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Program Files\CrossriderWebApps\Crossrider.exe
PRC - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-08-06 18:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
PRC - [2009-06-09 22:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009-06-09 22:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2009-06-09 22:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009-06-09 22:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2009-06-09 22:45:00 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2009-06-09 22:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2009-06-09 22:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2009-06-09 22:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2009-06-09 22:45:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008-04-14 19:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2007-06-13 00:34:48 | 000,217,088 | ---- | M] () -- C:\Program Files\office keyboard driver\Hotkey.exe
PRC - [2007-04-16 11:58:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2007-02-13 15:20:50 | 001,205,840 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
PRC - [2006-03-23 12:32:32 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
PRC - [2005-03-08 00:03:28 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-02-05 11:08:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\u\Moje dokumenty\Downloads\OTL.exe
MOD - [2012-01-20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2012-01-20 06:35:35 | 000,411,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\ppgooglenaclpluginchrome.dll
MOD - [2012-01-20 06:35:34 | 003,767,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
MOD - [2012-01-20 06:34:18 | 009,848,816 | ---- | M] (The ICU Project) -- C:\Program Files\Google\Chrome\Application\16.0.912.77\icudt.dll
MOD - [2012-01-20 06:34:12 | 028,809,712 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\16.0.912.77\chrome.dll
MOD - [2012-01-20 06:34:10 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\avutil-51.dll
MOD - [2012-01-20 06:34:09 | 000,222,208 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\avformat-53.dll
MOD - [2012-01-20 06:34:07 | 001,746,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\avcodec-53.dll
MOD - [2012-01-20 03:14:40 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
MOD - [2011-10-03 05:06:18 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
MOD - [2011-06-18 11:08:08 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Java\jre6\bin\msvcr71.dll
MOD - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-06-01 19:28:18 | 001,234,360 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll
MOD - [2011-06-01 19:28:14 | 001,545,144 | ---- | M] (MusicLab, LLC) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
MOD - [2011-05-15 23:01:44 | 000,478,720 | ---- | M] (Crossrider) -- C:\Program Files\CrossriderWebApps\Crossrider.exe
MOD - [2011-04-25 17:03:43 | 001,213,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2011-04-25 17:03:43 | 000,919,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2011-04-25 17:03:42 | 011,083,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2011-04-25 17:03:42 | 001,992,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2011-03-03 07:53:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011-02-08 14:33:57 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2011-01-21 15:42:25 | 008,492,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2010-12-22 13:32:24 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010-12-20 18:32:08 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010-12-20 18:24:12 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010-12-09 16:15:52 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010-11-15 20:02:34 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL
MOD - [2010-11-15 20:02:22 | 000,390,552 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2010-11-09 15:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010-10-23 01:47:24 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
MOD - [2010-08-23 17:12:55 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-08-17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010-08-16 09:43:34 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010-07-16 13:00:50 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2010-06-30 13:25:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2010-06-14 08:40:29 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2010-04-16 16:38:53 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usp10.dll
MOD - [2010-04-06 03:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WMVCore.dll
MOD - [2010-03-18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010-03-18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010-03-18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010-03-18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010-03-18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010-03-18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010-03-18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010-03-18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2009-12-24 08:04:53 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
MOD - [2009-12-08 10:25:45 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009-11-27 17:09:40 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\avifil32.dll
MOD - [2009-10-13 11:34:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009-10-12 14:40:13 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009-10-12 14:40:13 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009-09-11 15:15:45 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009-09-04 22:05:35 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009-08-06 18:24:10 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wups2.dll
MOD - [2009-08-06 18:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
MOD - [2009-08-06 18:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuaueng.dll
MOD - [2009-07-27 23:23:50 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009-07-17 20:04:02 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009-07-17 17:17:57 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009-07-12 00:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009-07-12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009-07-12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2009-06-25 09:42:23 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009-06-25 09:42:23 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009-06-10 07:16:42 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009-06-09 22:45:00 | 002,953,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2009-06-09 22:45:00 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcGenral.dll
MOD - [2009-06-09 22:45:00 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2009-06-09 22:45:00 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2009-06-09 22:45:00 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2009-06-09 22:45:00 | 001,092,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2009-06-09 22:45:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2009-06-09 22:45:00 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2009-06-09 22:45:00 | 001,020,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2009-06-09 22:45:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2009-06-09 22:45:00 | 000,997,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2009-06-09 22:45:00 | 000,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2009-06-09 22:45:00 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2009-06-09 22:45:00 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2009-06-09 22:45:00 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009-06-09 22:45:00 | 000,675,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2009-06-09 22:45:00 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2009-06-09 22:45:00 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2009-06-09 22:45:00 | 000,602,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2009-06-09 22:45:00 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2009-06-09 22:45:00 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2009-06-09 22:45:00 | 000,531,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2009-06-09 22:45:00 | 000,520,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2009-06-09 22:45:00 | 000,510,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2009-06-09 22:45:00 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2009-06-09 22:45:00 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2009-06-09 22:45:00 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009-06-09 22:45:00 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009-06-09 22:45:00 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2009-06-09 22:45:00 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2009-06-09 22:45:00 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2009-06-09 22:45:00 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2009-06-09 22:45:00 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpob2res.dll
MOD - [2009-06-09 22:45:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2009-06-09 22:45:00 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2009-06-09 22:45:00 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009-06-09 22:45:00 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2009-06-09 22:45:00 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2009-06-09 22:45:00 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2009-06-09 22:45:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2009-06-09 22:45:00 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2009-06-09 22:45:00 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2009-06-09 22:45:00 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2009-06-09 22:45:00 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2009-06-09 22:45:00 | 000,330,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2009-06-09 22:45:00 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2009-06-09 22:45:00 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2009-06-09 22:45:00 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTF.dll
MOD - [2009-06-09 22:45:00 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2009-06-09 22:45:00 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2009-06-09 22:45:00 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009-06-09 22:45:00 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledeviceapi.dll
MOD - [2009-06-09 22:45:00 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2009-06-09 22:45:00 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2009-06-09 22:45:00 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2009-06-09 22:45:00 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2009-06-09 22:45:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2009-06-09 22:45:00 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2009-06-09 22:45:00 | 000,246,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2009-06-09 22:45:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2009-06-09 22:45:00 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2009-06-09 22:45:00 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009-06-09 22:45:00 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2009-06-09 22:45:00 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2009-06-09 22:45:00 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2009-06-09 22:45:00 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2009-06-09 22:45:00 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2009-06-09 22:45:00 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2009-06-09 22:45:00 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2009-06-09 22:45:00 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2009-06-09 22:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schedsvc.dll
MOD - [2009-06-09 22:45:00 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2009-06-09 22:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2009-06-09 22:45:00 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2009-06-09 22:45:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2009-06-09 22:45:00 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2009-06-09 22:45:00 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2009-06-09 22:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2009-06-09 22:45:00 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2009-06-09 22:45:00 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MSCTFIME.IME
MOD - [2009-06-09 22:45:00 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2009-06-09 22:45:00 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2009-06-09 22:45:00 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2009-06-09 22:45:00 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\portabledevicetypes.dll
MOD - [2009-06-09 22:45:00 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2009-06-09 22:45:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2009-06-09 22:45:00 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2009-06-09 22:45:00 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shmedia.dll
MOD - [2009-06-09 22:45:00 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2009-06-09 22:45:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2009-06-09 22:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2009-06-09 22:45:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2009-06-09 22:45:00 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2009-06-09 22:45:00 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2009-06-09 22:45:00 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2009-06-09 22:45:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2009-06-09 22:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpdshserviceobj.dll
MOD - [2009-06-09 22:45:00 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2009-06-09 22:45:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2009-06-09 22:45:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2009-06-09 22:45:00 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2009-06-09 22:45:00 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2009-06-09 22:45:00 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oledlg.dll
MOD - [2009-06-09 22:45:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2009-06-09 22:45:00 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvfw32.dll
MOD - [2009-06-09 22:45:00 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2009-06-09 22:45:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2009-06-09 22:45:00 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009-06-09 22:45:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2009-06-09 22:45:00 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2009-06-09 22:45:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2009-06-09 22:45:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2009-06-09 22:45:00 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmpshell.dll
MOD - [2009-06-09 22:45:00 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2009-06-09 22:45:00 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\loadperf.dll
MOD - [2009-06-09 22:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2009-06-09 22:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2009-06-09 22:45:00 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2009-06-09 22:45:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2009-06-09 22:45:00 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2009-06-09 22:45:00 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2009-06-09 22:45:00 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2009-06-09 22:45:00 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2009-06-09 22:45:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiaprpl.dll
MOD - [2009-06-09 22:45:00 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2009-06-09 22:45:00 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2009-06-09 22:45:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2009-06-09 22:45:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2009-06-09 22:45:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscsvc.dll
MOD - [2009-06-09 22:45:00 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2009-06-09 22:45:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2009-06-09 22:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2009-06-09 22:45:00 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2009-06-09 22:45:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2009-06-09 22:45:00 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2009-06-09 22:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2009-06-09 22:45:00 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2009-06-09 22:45:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2009-06-09 22:45:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2009-06-09 22:45:00 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2009-06-09 22:45:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2009-06-09 22:45:00 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2009-06-09 22:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2009-06-09 22:45:00 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2009-06-09 22:45:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2009-06-09 22:45:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2009-06-09 22:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2009-06-09 22:45:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2009-06-09 22:45:00 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2009-06-09 22:45:00 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2009-06-09 22:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2009-06-09 22:45:00 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2009-06-09 22:45:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2009-06-09 22:45:00 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2009-06-09 22:45:00 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2009-06-09 22:45:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2009-06-09 22:45:00 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2009-06-09 22:45:00 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2009-06-09 22:45:00 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2009-06-09 22:45:00 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2009-06-09 22:45:00 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2009-06-09 22:45:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2009-06-09 22:45:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2009-06-09 22:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2009-06-09 22:45:00 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2009-06-09 22:45:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2009-06-09 22:45:00 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2009-06-09 22:45:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2009-06-09 22:45:00 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2009-06-09 22:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2009-06-09 22:45:00 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\AcAdProc.dll
MOD - [2009-06-09 22:45:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2009-06-09 22:45:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2009-06-09 22:45:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2009-06-09 22:45:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2009-06-09 22:45:00 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2009-06-09 22:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2009-06-09 22:45:00 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2009-06-09 22:45:00 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2009-06-09 22:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2009-06-09 22:45:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2009-06-09 22:45:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2009-06-09 22:45:00 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mspatcha.dll
MOD - [2009-06-09 22:45:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2009-06-09 22:45:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2009-06-09 22:45:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2009-06-09 22:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2009-06-09 22:45:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2009-06-09 22:45:00 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2009-06-09 22:45:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2009-06-09 22:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2009-06-09 22:45:00 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2009-06-09 22:45:00 | 000,024,064 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2009-06-09 22:45:00 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2009-06-09 22:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2009-06-09 22:45:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2009-06-09 22:45:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lpk.dll
MOD - [2009-06-09 22:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2009-06-09 22:45:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2009-06-09 22:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2009-06-09 22:45:00 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2009-06-09 22:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2009-06-09 22:45:00 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2009-06-09 22:45:00 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2009-06-09 22:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2009-06-09 22:45:00 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2009-06-09 22:45:00 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2009-06-09 22:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2009-06-09 22:45:00 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2009-06-09 22:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2009-06-09 22:45:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2009-06-09 22:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2009-06-09 22:45:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2009-06-09 22:45:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2009-06-09 22:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
MOD - [2009-06-09 22:45:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2009-06-09 22:45:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2009-06-09 22:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2009-06-09 22:45:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2009-06-09 22:45:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2009-06-09 22:45:00 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2009-06-09 22:45:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2009-06-09 22:45:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2009-06-09 22:45:00 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2009-06-09 22:45:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2009-06-09 22:45:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2009-06-09 22:45:00 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2009-06-09 22:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauserv.dll
MOD - [2009-06-09 22:45:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msidle.dll
MOD - [2009-06-09 22:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2009-06-09 22:45:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2009-06-09 22:45:00 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2009-06-09 22:45:00 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008-05-19 05:33:20 | 004,445,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008-04-14 19:51:32 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
MOD - [2008-04-14 17:21:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2007-10-25 08:28:30 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmasf.dll
MOD - [2007-06-13 00:34:48 | 000,217,088 | ---- | M] () -- C:\Program Files\office keyboard driver\Hotkey.exe
MOD - [2007-06-02 14:11:40 | 000,114,688 | ---- | M] () -- C:\Program Files\office keyboard driver\IKey.dll
MOD - [2007-04-16 11:58:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
MOD - [2007-02-13 15:20:50 | 001,205,840 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
MOD - [2006-11-27 13:20:36 | 000,094,208 | ---- | M] () -- C:\Program Files\SAGEM\SAGEM F@st 800-840\Languages\polish.dll
MOD - [2006-10-26 19:12:30 | 000,061,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
MOD - [2006-03-23 12:32:32 | 000,176,128 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
MOD - [2005-09-23 06:28:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2005-03-08 00:03:28 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-10-30 13:46:51 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-03-18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-09-25 14:27:20 | 000,012,952 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2007-04-25 12:50:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007-01-04 12:48:04 | 000,104,344 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw)
DRV - [2007-01-04 12:47:48 | 000,069,656 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (E4LOADER) General Purpose USB Driver (e4ldr.sys)
DRV - [2003-07-02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 531034517
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No CLSID value found
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=2&q="
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\crossriderapp1466@crossrider.com: C:\Documents and Settings\All Users\Dane aplikacji\SendSpaceExtention\firefox [2011-10-16 15:02:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-07-03 19:33:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-02 15:08:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\u\Dane aplikacji\IDM\idmmzcc5

[2011-06-18 11:16:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Extensions
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions
[2011-11-18 09:57:06 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011-11-18 09:57:11 | 000,000,000 | ---D | M] (butterscotch Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}
[2011-11-18 09:57:17 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-08-09 14:09:48 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2011-07-15 22:22:30 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011-07-15 23:28:13 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com
[2011-09-25 14:19:44 | 000,002,566 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\askcom.xml
[2011-08-27 18:09:44 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\conduit.xml
[2011-08-09 14:09:21 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SearchResults.xml
[2011-07-15 22:23:47 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SweetIM Search.xml
[2011-07-15 22:21:59 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\sweetim.xml
[2011-12-28 20:39:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-16 15:38:14 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-06-18 11:08:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-07-15 23:51:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011-11-10 22:00:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011-11-20 15:20:15 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
[2011-10-16 15:02:33 | 000,000,000 | ---D | M] ("WX Download") -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DANE APLIKACJI\SENDSPACEEXTENTION\FIREFOX
() (No name found) -- C:\DOCUMENTS AND SETTINGS\U\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6ZHH3PM6.DEFAULT\EXTENSIONS\{DB9127A2-3381-41EC-82B3-1B6ED4C6F29A}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\U\DANE APLIKACJI\MOZILLA\FIREFOX\PROFILES\6ZHH3PM6.DEFAULT\EXTENSIONS\YTVDW@PGPORT.COM.XPI
[2011-08-09 14:10:06 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\BEARSHARE APPLICATIONS\MEDIABAR\DATAMNGR\FIREFOXEXTENSION
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
[2011-06-18 11:08:12 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-03-18 19:04:29 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-07-12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010-01-01 09:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2009-02-11 17:24:58 | 000,002,275 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\aolsearch.xml
[2010-01-01 09:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010-12-13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011-07-15 23:28:31 | 000,002,051 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicla.xml
[2010-01-01 09:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010-01-01 09:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-09 14:09:21 | 000,002,493 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2010-01-01 09:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010-01-01 09:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: My Global Search Plugin Stub (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Marc Ecko = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\
CHR - Extension: Gmail = C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-09 22:45:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files\CrossriderWebApps\Crossrider.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [Hotkey] C:\Program Files\office keyboard driver\Hotkey.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O4 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003..\Run: [CrossRiderPlugin] C:\Program Files\CrossriderWebApps\Crossrider.exe (Crossrider)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8 - Extra context menu item: 使用快车3下载 - C:\Documents and Settings\u\Dane aplikacji\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Documents and Settings\u\Dane aplikacji\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8E04FDC-BED6-4BCF-92DE-6A887ABF9EDC}: NameServer = 62.233.233.233 87.204.204.204
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-06-15 18:43:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7889d2c1-e48b-11e0-9009-4d6564696130}\Shell - "" = AutoRun
O33 - MountPoints2\{7889d2c1-e48b-11e0-9009-4d6564696130}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-02-05 13:33:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-02-04 18:04:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Pulpit\advanced-anti-keylogger
[2012-02-04 16:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012-02-04 16:13:15 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-02-04 14:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\ESET
[2012-02-04 14:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\ESET
[2012-02-02 18:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Deluxe Ski Jump 4
[2012-02-02 17:32:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012-02-02 14:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Dane aplikacji\Malwarebytes
[2012-02-02 14:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-02-02 14:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-02-02 14:48:38 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-02-02 14:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-02-01 19:04:35 | 000,000,000 | ---D | C] -- C:\rsit
[2012-02-01 18:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012-01-29 22:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Menu Start\Programy\Tiveria
[2012-01-29 21:29:30 | 000,027,904 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\VIAAGP1.SYS
[2012-01-29 21:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\WINDOWS
[2012-01-24 17:49:45 | 000,000,000 | ---D | C] -- C:\Program Files\Gadu-Gadu 10
[2012-01-24 17:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Pulpit\18153785
[2012-01-22 19:17:28 | 000,000,000 | ---D | C] -- C:\vcs5BGEffects
[2012-01-22 19:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Menu Start\Programy\Voice Changer Software DIAMOND
[2012-01-08 19:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Dane aplikacji\Notepad++
[2012-01-02 14:07:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2011-12-28 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011-12-28 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2011-12-28 20:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011-12-20 20:04:14 | 000,000,000 | ---D | C] -- C:\tmp
[2011-12-20 20:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Menu Start\Programy\Wirtualna Polska
[2011-12-20 19:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Dane aplikacji\teamspeak2
[2011-12-20 18:52:43 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2011-12-20 18:52:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Teamspeak2 RC2
[2011-12-20 18:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\Teamspeak2_RC2
[2011-12-14 15:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\PMB Files
[2011-12-14 15:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2011-12-14 15:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011-12-11 20:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\cFos
[2011-12-11 20:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\cFos
[2011-12-09 21:37:58 | 000,000,000 | RH-D | C] -- C:\AHCache

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-02-05 13:36:02 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-05 13:35:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-02-05 12:47:01 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-02-04 16:30:58 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012-02-04 15:10:04 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\u\.recently-used.xbel
[2012-02-04 13:46:05 | 003,006,764 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\loll.wav
[2012-02-03 22:26:33 | 137,917,484 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\ts3_recording_12_02_03_22_14_30.wav
[2012-02-02 17:32:45 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012-02-02 14:48:41 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-02-02 14:47:33 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-01-31 18:25:56 | 000,000,672 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Statistic Reader.lnk
[2012-01-31 14:59:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-01-29 23:05:15 | 000,515,660 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-01-29 23:05:15 | 000,455,376 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-01-29 23:05:15 | 000,095,664 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-01-29 23:05:15 | 000,075,350 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-01-26 13:38:40 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk
[2012-01-24 17:51:17 | 000,000,791 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-01-24 17:51:17 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-01-05 22:58:06 | 000,000,877 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Makefile.win
[2012-01-05 22:55:58 | 000,475,678 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Projekt1.exe
[2012-01-01 15:41:06 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2011-12-20 20:33:28 | 008,952,344 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\SkajpajByBrock.wav
[2011-12-20 18:52:43 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2011-12-20 18:52:35 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Teamspeak 2 RC2.lnk
[2011-12-10 23:43:15 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Skrót do metin2.lnk
[2011-12-10 22:12:22 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\u\Pulpit\Mp-Hacks Ghetto sXe 1.0.lnk
[2011-12-10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-02-04 15:10:04 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\u\.recently-used.xbel
[2012-02-04 13:45:49 | 003,006,764 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\loll.wav
[2012-02-03 22:14:34 | 137,917,484 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\ts3_recording_12_02_03_22_14_30.wav
[2012-02-02 14:48:41 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-01-31 18:25:56 | 000,000,672 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Statistic Reader.lnk
[2012-01-24 17:51:17 | 000,000,791 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\OpenFM.lnk
[2012-01-24 17:51:17 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Gadu-Gadu 10.lnk
[2012-01-24 17:50:27 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Gadu-Gadu 10.lnk
[2011-12-20 20:30:04 | 008,952,344 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\SkajpajByBrock.wav
[2011-12-20 18:52:35 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Teamspeak 2 RC2.lnk
[2011-12-10 23:43:15 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Skrót do metin2.lnk
[2011-12-10 22:10:35 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\u\Pulpit\Mp-Hacks Ghetto sXe 1.0.lnk
[2011-10-23 20:28:48 | 000,412,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1292428093-1482476501-1417001333-1003-0.dat
[2011-10-23 20:28:47 | 000,202,630 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2011-10-16 18:14:09 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\PUTTY.RND
[2011-10-14 22:37:47 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2011-09-21 22:01:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011-08-30 11:43:49 | 000,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini
[2011-08-30 11:43:49 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini
[2011-08-30 11:43:34 | 000,253,008 | ---- | C] () -- C:\WINDOWS\adirasx64.exe
[2011-08-30 11:43:34 | 000,194,128 | ---- | C] () -- C:\WINDOWS\adiras.exe
[2011-08-30 11:43:32 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\IPDETECT.EXE
[2011-08-30 11:43:27 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P2.BIN
[2011-08-30 11:43:21 | 000,176,128 | ---- | C] () -- C:\WINDOWS\autoclk.exe
[2011-08-30 11:43:21 | 000,024,576 | ---- | C] () -- C:\WINDOWS\enddisk32.exe
[2011-08-30 11:43:20 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll
[2011-08-30 11:43:17 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL
[2011-08-30 11:43:15 | 000,152,308 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I2.BIN
[2011-08-30 11:43:15 | 000,152,306 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I1.BIN
[2011-08-30 11:43:15 | 000,152,306 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I0.BIN
[2011-08-30 11:43:15 | 000,152,146 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P2.BIN
[2011-08-30 11:43:15 | 000,152,145 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P1.BIN
[2011-08-30 11:43:15 | 000,152,145 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P0.BIN
[2011-08-30 11:43:14 | 000,152,036 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D2.BIN
[2011-08-30 11:43:14 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D1.BIN
[2011-08-30 11:43:14 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D0.BIN
[2011-08-30 11:43:14 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin
[2011-08-30 11:43:12 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P0.BIN
[2011-08-30 11:43:12 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I2.BIN
[2011-08-30 11:43:11 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P1.BIN
[2011-08-30 11:43:10 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I1.BIN
[2011-08-30 11:43:06 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I0.BIN
[2011-08-30 11:24:11 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini
[2011-07-26 20:14:34 | 000,000,004 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2011-07-15 23:29:25 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011-07-15 19:16:59 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\u\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-03 19:39:38 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2011-07-03 19:34:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI
[2011-06-18 12:23:06 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011-06-18 11:16:46 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011-06-18 11:03:25 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011-06-18 11:03:24 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011-06-18 11:03:19 | 000,631,808 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011-06-18 11:03:18 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011-06-18 11:03:16 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011-06-16 15:39:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011-06-16 15:37:36 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011-06-15 20:26:14 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-06-15 20:23:59 | 000,192,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-06-15 18:51:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-06-15 18:37:45 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010-01-27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009-06-09 22:45:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009-06-09 22:45:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009-06-09 22:45:00 | 000,515,660 | ---- | C] () -- C:\WINDOWS\System32\perfh015.dat
[2009-06-09 22:45:00 | 000,455,376 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009-06-09 22:45:00 | 000,313,828 | ---- | C] () -- C:\WINDOWS\System32\perfi015.dat
[2009-06-09 22:45:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009-06-09 22:45:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009-06-09 22:45:00 | 000,095,664 | ---- | C] () -- C:\WINDOWS\System32\perfc015.dat
[2009-06-09 22:45:00 | 000,075,350 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009-06-09 22:45:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009-06-09 22:45:00 | 000,034,990 | ---- | C] () -- C:\WINDOWS\System32\perfd015.dat
[2009-06-09 22:45:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009-06-09 22:45:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009-06-09 22:45:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009-06-09 22:45:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009-06-09 22:45:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008-08-28 12:19:18 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\IsDRM.dll
[2008-08-28 12:16:00 | 000,544,768 | ---- | C] () -- C:\WINDOWS\System32\AudioConverter.dll
[2005-11-06 00:34:50 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\Lame.exe
[2005-05-17 21:37:10 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\Faac.exe
[2002-09-17 23:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2002-07-19 17:48:22 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\OggEnc.exe
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

[color=#E56717]========== LOP Check ==========[/color]

[2011-08-09 19:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo
[2012-02-02 14:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2011-11-20 16:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\avg9
[2011-08-09 14:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess
[2011-12-11 20:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\cFos
[2011-11-20 16:34:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-09-21 21:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite
[2011-11-20 16:07:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easy Driver Pro
[2012-01-02 14:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\f-secure
[2011-07-29 16:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FlyVPN
[2011-06-19 12:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10
[2011-10-16 15:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate
[2011-06-24 12:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit
[2011-07-15 21:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2011-08-09 19:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\page
[2011-12-14 15:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2011-10-16 15:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium
[2011-10-16 15:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SendSpaceExtention
[2011-07-16 10:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-10-14 20:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ticno
[2011-07-16 10:53:14 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{402F10B9-711E-4EF4-BC0E-AFE669ACC04C}
[2012-01-18 16:39:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\.minecraft
[2011-08-09 19:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Ashampoo
[2011-07-15 21:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\BeSpotted
[2011-07-15 18:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\BITS
[2011-10-14 20:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Breakpad
[2011-08-09 14:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\bsbandmltbpi
[2011-11-20 15:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\DAEMON Tools Lite
[2012-01-31 20:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Dev-Cpp
[2011-08-08 13:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\DMCache
[2011-07-16 10:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\facemoods.com
[2012-01-04 17:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\FileZilla
[2011-07-03 19:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\FlashGet
[2011-07-03 19:31:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\FlashGetBHO
[2011-06-21 17:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Gadu-Gadu 10
[2011-07-15 22:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\GetRightToGo
[2011-06-16 15:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\GHISLER
[2012-02-04 15:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\gtk-2.0
[2011-11-06 17:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\IDM
[2011-10-14 20:47:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Installer
[2011-07-03 19:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\IObit
[2011-08-09 14:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\mediabarbs
[2011-10-05 21:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Mumble
[2011-08-30 11:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Netia
[2012-01-28 19:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Notepad++
[2011-08-03 00:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\ObviousIdea
[2011-07-15 23:09:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\OpenCandy
[2011-07-15 21:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\OpenFM
[2011-10-14 22:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\Ticno
[2011-10-02 10:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\TS3Client
[2011-08-03 23:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\u\Dane aplikacji\XnView

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6900017D
< End of report >
Logfile of random's system information tool 1.09 (written by random/random)
Run by u at 2012-02-05 13:47:13
Microsoft Windows XP Professional Dodatek Service Pack 3
System drive C: has 4 GB (23%) free of 15 GB
Total RAM: 958 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:47:17, on 2012-02-05
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\office keyboard driver\Hotkey.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CrossriderWebApps\Crossrider.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Documents and Settings\u\Moje dokumenty\Downloads\OTL.exe
C:\Documents and Settings\u\Moje dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\u.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CrossRider - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files\CrossriderWebApps\Crossrider.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [Hotkey] C:\Program Files\office keyboard driver\Hotkey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/pl.special-uninstallation-feedback-app?lic=OQBBAC0AQQBCAEwAOABZAC0AMgA5AEcANgAyAC0AQwAzADMAQgBBAC0AUQBUAE4AUwBIAC0ARwBFAFQAVwAzAA"&"inst=NwA2AC0AOQA3ADcAOAAxADUANgAyADcALQBEAEQAVAArADAALQBOADEARAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkA"&"prod=92"&"ver=9.0.914
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CrossRiderPlugin] C:\Program Files\CrossriderWebApps\Crossrider.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8E04FDC-BED6-4BCF-92DE-6A887ABF9EDC}: NameServer = 62.233.233.233 87.204.204.204
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 7008 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default
prefs.js - "browser.startup.homepage" - "http://www.aol.com"
prefs.js - "browser.startup.homepage" - "http://www.aol.com"
prefs.js - "browser.startup.homepage" - "http://www.aol.com"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p="
"crossriderapp1466@crossrider.com"=C:\Documents and Settings\All Users\Dane aplikacji\SendSpaceExtention\firefox
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
C:\Program Files\Mozilla Firefox\extensions\
quickstores@quickstores.de
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npwachk.dll
C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
aolsearch.xml
fbc-pl.xml
fcmdSrchddr.xml
fcmdSrchstonicla.xml
google.xml
merlin-pl.xml
pwn-pl.xml
SearchResults.xml
wikipedia-pl.xml
wp-pl.xml
yahoo.xml
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\
ffxtlbr@Facemoods.com
{1392b8d2-5c05-419f-a8f6-b9f15a596612}
{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\
askcom.xml
conduit.xml
SearchResults.xml
SweetIM Search.xml
sweetim.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A876E312-7D08-401a-B7A6-FAFC5DC2F292}]
CrossRider - C:\Program Files\CrossriderWebApps\Crossrider.dll [2011-05-15 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2006-03-23 176128]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe [2010-10-26 323584]
"DATAMNGR"=C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\DATAMN~1.EXE [2011-06-01 1545144]
"Hotkey"=C:\Program Files\office keyboard driver\Hotkey.exe [2007-06-13 217088]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
""= []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/pl.special-uninstallation-feedback-app?lic=OQBBAC0AQQBCAEwAOABZAC0AMgA5AEcANgAyAC0AQwAzADMAQgBBAC0AUQBUAE4AUwBIAC0ARwBFAFQAVwAzAA&inst=NwA2AC0AOQA3ADcAOAAxADUANgAyADcALQBEAEQAVAArADAALQBOADEARAArADEALQBTAFQAOQAwAEEAUABQACsAMQAtAFAATAArADkA&prod=92&ver=9.0.914 []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"CrossRiderPlugin"=C:\Program Files\CrossriderWebApps\Crossrider.exe [2011-05-15 478720]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-06-09 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe -minimize []
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-06-09 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Gadu-Gadu 10\gg.exe"="C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10"
"D:\Program Files\Counter-Strike\cstrike.exe"="D:\Program Files\Counter-Strike\cstrike.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Metin2\metin2.bin"="C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2\metin2client.bin"="C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Metin2_PL\metin2.bin"="D:\Program Files\Metin2_PL\metin2.bin:*:Enabled:metin2"
"D:\Program Files\AriusMT2\metin2client.bin"="D:\Program Files\AriusMT2\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Metin2\metin2mod_2011sf.exe"="C:\Program Files\Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf"
"D:\Program Files\Kaladar\Kaladar.exe"="D:\Program Files\Kaladar\Kaladar.exe:*:Enabled:Kaladar"
"C:\Program Files\Metin2\Kaladar.exe"="C:\Program Files\Metin2\Kaladar.exe:*:Enabled:Kaladar"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Documents and Settings\u\Ustawienia lokalne\Temp\NevrasT.bin"="C:\Documents and Settings\u\Ustawienia lokalne\Temp\NevrasT.bin:*:Enabled:NevrasT"
"C:\Program Files\Metin2\Venise.exe"="C:\Program Files\Metin2\Venise.exe:*:Enabled:Venise"
"D:\Program Files\Venise\Venise.exe"="D:\Program Files\Venise\Venise.exe:*:Enabled:Venise"
"C:\Documents and Settings\u\Moje dokumenty\Downloads\Programs\SweetImSetup.exe"="C:\Documents and Settings\u\Moje dokumenty\Downloads\Programs\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Documents and Settings\u\Ustawienia lokalne\Temp\SweetIMReinstall\SweetImSetup.exe"="C:\Documents and Settings\u\Ustawienia lokalne\Temp\SweetIMReinstall\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\Metin2x\metin2.bin"="C:\Program Files\Metin2x\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2x\metin2client.bin"="C:\Program Files\Metin2x\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Metin2x\Erathia.exe"="C:\Program Files\Metin2x\Erathia.exe:*:Enabled:Erathia"
"D:\Program Files\Erathia\Erathia\metin2client.exe.exe"="D:\Program Files\Erathia\Erathia\metin2client.exe.exe:*:Enabled:metin2client.exe"
"C:\Program Files\Common Files\aol\acs\AOLDial.exe"="C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\aol\acs\AOLacsd.exe"="C:\Program Files\Common Files\aol\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\aol\1311702059\ee\aolsoftware.exe"="C:\Program Files\Common Files\aol\1311702059\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\AOL 9.5\waol.exe"="C:\Program Files\AOL 9.5\waol.exe:*:Enabled:AOL"
"D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\Metin5_S2.exe"="D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\Metin5_S2.exe:*:Enabled:Metin5_S2"
"D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\metin2.bin"="D:\Program Files\Metin25s2\Metin5.S2.07.02.2011\metin2.bin:*:Enabled:Customizable 2010 Client Launcher"
"D:\Program Files\Metin5.S2.07.02.2011\Metin5_S2.exe"="D:\Program Files\Metin5.S2.07.02.2011\Metin5_S2.exe:*:Enabled:Metin5_S2"
"C:\Program Files\Metin2\Longju.exe"="C:\Program Files\Metin2\Longju.exe:*:Enabled:Longju"
"D:\Program Files\Erathia\Erathia\metin2.bin"="D:\Program Files\Erathia\Erathia\metin2.bin:*:Enabled:metin2"
"C:\Program Files\BearShare\BearShare.exe"="C:\Program Files\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe"="C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker"
"D:\Program Files\imt2\InsanityMT2\InsanityMT2.exe"="D:\Program Files\imt2\InsanityMT2\InsanityMT2.exe:*:Enabled:InsanityMT2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Metin2\InsanityMT2.exe"="C:\Program Files\Metin2\InsanityMT2.exe:*:Enabled:InsanityMT2"
"D:\Program Files\InsanityMT2\InsanityMT2.exe"="D:\Program Files\InsanityMT2\InsanityMT2.exe:*:Enabled:InsanityMT2"
"D:\Program Files\AtlantisMT2\metin2.bin"="D:\Program Files\AtlantisMT2\metin2.bin:*:Enabled:metin2"
"D:\Program Files\Alceria\alcpr.bin"="D:\Program Files\Alceria\alcpr.bin:*:Enabled:alcpr"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Metin2\metin2.exe"="C:\Program Files\Metin2\metin2.exe:*:Enabled:metin2"
"D:\Program Files\utorrent.exe"="D:\Program Files\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Evenar\metin2client.bin"="D:\Program Files\Evenar\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Evenar\Erdiana.pl.exe"="D:\Program Files\Evenar\Erdiana.pl.exe:*:Enabled:Erdiana.pl"
"C:\Program Files\Metin2\Erdiana.pl.exe"="C:\Program Files\Metin2\Erdiana.pl.exe:*:Enabled:Erdiana.pl"
"D:\Program Files\Client\metin2clientexe.exe"="D:\Program Files\Client\metin2clientexe.exe:*:Enabled:metin2clientexe"
"D:\Program Files\Evenar\Elestium.exe"="D:\Program Files\Evenar\Elestium.exe:*:Enabled:Elestium"
"D:\Program Files\Evenar\metin2.bin"="D:\Program Files\Evenar\metin2.bin:*:Enabled:metin2"
"D:\Program Files\CavalosMT2\patch.bin"="D:\Program Files\CavalosMT2\patch.bin:*:Enabled:patch"
"D:\Program Files\CavalosMT2\Launcher.exe"="D:\Program Files\CavalosMT2\Launcher.exe:*:Enabled:Launcher"
"D:\Program Files\CavalosMT2\metin2mod_2011sf.exe"="D:\Program Files\CavalosMT2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf"
"C:\Program Files\Metin2Pl\metin2.exe"="C:\Program Files\Metin2Pl\metin2.exe:*:Enabled:metin2"
"C:\Program Files\Metin2Pl\metin2.bin"="C:\Program Files\Metin2Pl\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2Pl\metin2client.bin"="C:\Program Files\Metin2Pl\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Tiveria\game.bin"="D:\Program Files\Tiveria\game.bin:*:Enabled:game"
"D:\Program Files\Klient Divine World\metin2.bin"="D:\Program Files\Klient Divine World\metin2.bin:*:Enabled:metin2"
"D:\Program Files\Klient Divine World\DivineWorld.exe"="D:\Program Files\Klient Divine World\DivineWorld.exe:*:Enabled:DivineWorld"
"D:\Program Files\XenoxMt2\XenoxMT2 Launcher.exe"="D:\Program Files\XenoxMt2\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher"
"D:\Program Files\DivineWorld\DivineWorld.exe"="D:\Program Files\DivineWorld\DivineWorld.exe:*:Enabled:DivineWorld"
"D:\Program Files\Klient Divine World\metin2client.bin"="D:\Program Files\Klient Divine World\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\Airo\AiroClient.bin"="D:\Program Files\Airo\AiroClient.bin:*:Enabled:AiroClient"
"D:\Program Files\Airo\metin2client.bin"="D:\Program Files\Airo\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\DivineWorld\EternalMT2.exe"="D:\Program Files\DivineWorld\EternalMT2.exe:*:Enabled:EternalMT2"
"D:\Program Files\DivineWorld\Nexusmt2 Uruchom.exe"="D:\Program Files\DivineWorld\Nexusmt2 Uruchom.exe:*:Enabled:Nexusmt2 Uruchom"
"D:\Program Files\UnlimitedWorld-Client\UnlimitedWorld.exe"="D:\Program Files\UnlimitedWorld-Client\UnlimitedWorld.exe:*:Enabled:UnlimitedWorld"
"D:\Program Files\Abyss\Metin2\abyss.exe"="D:\Program Files\Abyss\Metin2\abyss.exe:*:Enabled:abyss"
"D:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="D:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"D:\Program Files\EA GAMES\Battlefield 2\Bf2_w32ded.exe"="D:\Program Files\EA GAMES\Battlefield 2\Bf2_w32ded.exe:*:Enabled:Bf2_w32ded"
"D:\Program Files\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe"="D:\Program Files\EA GAMES\Battlefield 2\BF2VoipServer_w32ded.exe:*:Enabled:BF2VoipServer_w32ded"
"D:\Program Files\DivineWorld\metin2client.bin"="D:\Program Files\DivineWorld\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\UnlimitedWorld-Client\Aventer.exe"="D:\Program Files\UnlimitedWorld-Client\Aventer.exe:*:Enabled:Aventer"
"D:\Program Files\UnlimitedWorld-Client\metin2client.bin"="D:\Program Files\UnlimitedWorld-Client\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\UnlimitedWorld-Client\metin2client1.exe"="D:\Program Files\UnlimitedWorld-Client\metin2client1.exe:*:Enabled:metin2client1"
"D:\Program Files\DivineWorld\Aventer.exe"="D:\Program Files\DivineWorld\Aventer.exe:*:Enabled:Aventer"
"D:\Program Files\New Beginning\Aventer.exe"="D:\Program Files\New Beginning\Aventer.exe:*:Enabled:Aventer"
"D:\Program Files\UnlimitedWorld-Client\SSMt2.exe"="D:\Program Files\UnlimitedWorld-Client\SSMt2.exe:*:Enabled:SSMt2"
"C:\Program Files\Common Files\aol\1321607345\ee\aolsoftware.exe"="C:\Program Files\Common Files\aol\1321607345\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"D:\Program Files\Metin2 Singapore\metin2.bin"="D:\Program Files\Metin2 Singapore\metin2.bin:*:Enabled:metin2"
"D:\Program Files\nb\New Beginning\Leiria.exe.exe"="D:\Program Files\nb\New Beginning\Leiria.exe.exe:*:Enabled:Leiria.exe"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"D:\Program Files\New Beginning\metin2.bin"="D:\Program Files\New Beginning\metin2.bin:*:Enabled:metin2"
"D:\Program Files\New Beginning\metin2client.bin"="D:\Program Files\New Beginning\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\New Beginning\wmdc.bin"="D:\Program Files\New Beginning\wmdc.bin:*:Enabled:wmdc"
"D:\Program Files\New Beginning\Sevoris.pl.exe"="D:\Program Files\New Beginning\Sevoris.pl.exe:*:Enabled:Sevoris.pl"
"D:\Program Files\nb\New Beginning\Sevoris.pl.exe"="D:\Program Files\nb\New Beginning\Sevoris.pl.exe:*:Enabled:Sevoris.pl"
"D:\Program Files\New Beginning\AnxoMT2.exe"="D:\Program Files\New Beginning\AnxoMT2.exe:*:Enabled:AnxoMT2"
"D:\Program Files\New Beginning\metin2client.exe"="D:\Program Files\New Beginning\metin2client.exe:*:Enabled:metin2client"
"D:\Program Files\nb\New Beginning\metin2client.exe"="D:\Program Files\nb\New Beginning\metin2client.exe:*:Enabled:metin2client"
"D:\Program Files\nb\xd\metin2client.exe"="D:\Program Files\nb\xd\metin2client.exe:*:Enabled:metin2client"
"D:\Program Files\nb\xd\Leiria.exe.exe"="D:\Program Files\nb\xd\Leiria.exe.exe:*:Enabled:Leiria.exe"
"D:\Program Files\nb\xd\metin2client.bin"="D:\Program Files\nb\xd\metin2client.bin:*:Enabled:metin2client"
"D:\Program Files\New Beginning\Venise s2.exe"="D:\Program Files\New Beginning\Venise s2.exe:*:Enabled:Venise s2"
"C:\Documents and Settings\u\Pulpit\ECC5_2\ECC\Blackshades server.exe"="C:\Documents and Settings\u\Pulpit\ECC5_2\ECC\Blackshades server.exe:*:Enabled:Windows Messanger"
"C:\Documents and Settings\u\Dane aplikacji\winupdate34.exe"="C:\Documents and Settings\u\Dane aplikacji\winupdate34.exe:*:Enabled:Windows Messanger"
"D:\Program Files\New Beginning\Używać Przy Problemach z AutoPatcherem.exe"="D:\Program Files\New Beginning\Używać Przy Problemach z AutoPatcherem.exe:*:Enabled:Używać Przy Problemach z AutoPatcherem"
"D:\Program Files\New Beginning\Anadia.exe"="D:\Program Files\New Beginning\Anadia.exe:*:Enabled:Anadia"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Program Files\New Beginning\Atlantica.exe"="D:\Program Files\New Beginning\Atlantica.exe:*:Enabled:Atlantica"
"D:\Program Files\New Beginning\starter.exe"="D:\Program Files\New Beginning\starter.exe:*:Enabled:starter"
"D:\Program Files\patcher\patcher\metin2.bin"="D:\Program Files\patcher\patcher\metin2.bin:*:Enabled:metin2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.vorbis"=vorbis.acm
"VIDC.FPS1"=frapsvid.dll
"msacm.lhacm"=lhacm.acm
======List of files/folders created in the last 1 month======
2012-02-05 13:33:53 ----D---- C:\_OTL
2012-02-04 16:19:51 ----D---- C:\Program Files\Common Files\Bitdefender
2012-02-04 16:13:15 ----SHD---- C:\Config.Msi
2012-02-02 17:32:25 ----D---- C:\WINDOWS\pss
2012-02-02 14:49:07 ----D---- C:\Documents and Settings\u\Dane aplikacji\Malwarebytes
2012-02-02 14:48:40 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
2012-02-02 14:48:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-02-02 14:48:38 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-02-01 19:04:35 ----D---- C:\rsit
2012-02-01 18:45:10 ----D---- C:\Program Files\Trend Micro
2012-01-29 21:29:30 ----A---- C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2012-01-24 17:49:45 ----D---- C:\Program Files\Gadu-Gadu 10
2012-01-22 19:17:28 ----D---- C:\vcs5BGEffects
2012-01-08 19:20:34 ----D---- C:\Documents and Settings\u\Dane aplikacji\Notepad++
======List of files/folders modified in the last 1 month======
2012-02-05 13:36:37 ----D---- C:\WINDOWS\Temp
2012-02-05 13:35:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-05 13:34:49 ----D---- C:\WINDOWS\system32
2012-02-05 13:34:49 ----D---- C:\WINDOWS
2012-02-05 13:33:57 ----D---- C:\Program Files\Common Files
2012-02-05 13:05:10 ----D---- C:\WINDOWS\Prefetch
2012-02-05 11:59:34 ----D---- C:\WINDOWS\system32\drivers
2012-02-04 20:17:43 ----D---- C:\WINDOWS\Minidump
2012-02-04 20:17:37 ----RD---- C:\Program Files
2012-02-04 16:30:58 ----A---- C:\WINDOWS\NeroDigital.ini
2012-02-04 16:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2012-02-04 16:16:02 ----SHD---- C:\WINDOWS\Installer
2012-02-04 16:14:01 ----HD---- C:\WINDOWS\inf
2012-02-04 15:10:04 ----D---- C:\Documents and Settings\u\Dane aplikacji\gtk-2.0
2012-02-04 14:21:31 ----D---- C:\Program Files\Application Updater
2012-02-04 14:14:56 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-02 17:32:45 ----SH---- C:\boot.ini
2012-02-02 17:32:45 ----A---- C:\WINDOWS\win.ini
2012-02-02 17:32:45 ----A---- C:\WINDOWS\system.ini
2012-02-02 15:10:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-02-02 14:48:00 ----D---- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
2012-02-01 18:45:15 ----SD---- C:\Documents and Settings\u\Dane aplikacji\Microsoft
2012-01-31 20:36:56 ----D---- C:\Documents and Settings\u\Dane aplikacji\Dev-Cpp
2012-01-29 23:09:09 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-29 23:05:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-29 23:04:22 ----RSD---- C:\WINDOWS\assembly
2012-01-29 23:03:52 ----D---- C:\WINDOWS\WinSxS
2012-01-29 22:52:53 ----D---- C:\WINDOWS\system32\en-US
2012-01-29 21:29:33 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-01-29 21:29:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-20 18:13:54 ----D---- C:\Documents and Settings\u\Dane aplikacji\teamspeak2
2012-01-18 16:39:14 ----D---- C:\Documents and Settings\u\Dane aplikacji\.minecraft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 gagp30kx;Filtr rodzajowy AGPv3.0 firmy Microsoft dla platform procesora K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-10-30 443448]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2008-09-25 12952]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 e4usbaw;USB ADSL2 WAN Adapter; C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2007-01-04 104344]
R3 FETNDIS;Sterownik NT karty VIA PCI 10/100Mb Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Sterownik Microsoft klasy HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Sterownik myszy HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-26 12160]
R3 usbuhci;Sterownik Miniport uniwersalnego kontrolera hosta USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2009-06-09 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2006-04-13 252416]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys); C:\WINDOWS\System32\Drivers\e4ldr.sys [2007-01-04 69656]
S3 ab9uu1v6;ab9uu1v6; C:\WINDOWS\system32\drivers\ab9uu1v6.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 injectDLL;injectDLL; \??\C:\Documents and Settings\u\Pulpit\injectDLL.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys []
S3 usbccgp;Rodzajowy sterownik nadrzędny USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Sterownik magazynu masowego USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-06-09 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-06-09 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Usługa Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-19 136176]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Usługa udostępniania w sieci programu Windows Media Player; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-12-01 918016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-06-09 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
[/spoiler]

[quote name='Natsuki Kuga' timestamp='1328443172' post='1436839']
Do OTL wklej:
[log]
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://home.sweetim.com"]http://home.sweetim.com[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://start.facemoo...earchTerms}&f=4"]http://start.facemoo...earchTerms}&f=4[/url]
IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=2&q="
[2011-11-18 09:57:06 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
[2011-11-18 09:57:11 | 000,000,000 | ---D | M] (butterscotch Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}
[2011-11-18 09:57:17 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011-08-09 14:09:48 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
[2011-07-15 22:22:30 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011-07-15 23:28:13 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com
[2011-09-25 14:19:44 | 000,002,566 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\askcom.xml
[2011-08-27 18:09:44 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\conduit.xml
[2011-08-09 14:09:21 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SearchResults.xml
[2011-07-15 22:23:47 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SweetIM Search.xml
[2011-07-15 22:21:59 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\sweetim.xml
[2011-11-20 15:20:15 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)

:Files
C:\Program Files\Common Files\ApnToolbarInstaller.exe
C:\Program Files\Common Files\ApnStub.exe
C:\Documents and Settings\All Users\Dane aplikacji\830D
C:\Documents and Settings\u\Dane aplikacji\QuickStoresToolbar
C:\Documents and Settings\u\Dane aplikacji\Search Settings
C:\Program Files\MyGlobalSearch

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}"=-
"{37B85A29-692B-4205-9CAD-2626E4993404}"=-
"{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}"=-
"{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}"=-
"{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}"=-

:Commands
[emptytemp]
[/log]
[b]Wykonaj skrypt,[/b] pokaż raport.

Po wykonaniu pokaż nowe logi z OTL i RSIT.
[/quote]
Co myślisz o nowych logach?

Natsuki Kuga
komentarz
komentarz

Skrypt najwyraźniej się nie wykonał - kliknąłeś [b]Wykonaj skrypt[/b] po wklejeniu tego co podałam? Miał wyjść raport. Po zrobieniu tego kliknij [b]Skanuj[/b] w OTL i dopiero pokaż log.

Poczytaj o emulatorach napędów: [url="http://www.searchengines.pl/forum-99/announcement-20-WAZNE-Oprogramowanie-emulujace-napedy/"]http://www.searcheng...ulujace-napedy/[/url] usuń/zdezaktywuj je tymczasowo i wykonaj log z Gmer: [url="http://www.forumpc.pl/index.php?showtopic=116175"]http://www.forumpc.p...howtopic=116175[/url]

  • Dobra wypowiedź 1
kahan32
komentarz
komentarz

Tak wykonałem skrypt i otrzymałem taki raport.
[spoiler]All processes killed
Error: Unable to interpret <E - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "http://www.aol.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "http://www.aol.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "http://www.aol.com"> in the current context!
Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=2&q="> in the current context!
Error: Unable to interpret <[2011-11-18 09:57:06 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}> in the current context!
Error: Unable to interpret <[2011-11-18 09:57:11 | 000,000,000 | ---D | M] (butterscotch Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}> in the current context!
Error: Unable to interpret <[2011-11-18 09:57:17 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}> in the current context!
Error: Unable to interpret <[2011-08-09 14:09:48 | 000,000,000 | ---D | M] (MediaBar) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}> in the current context!
Error: Unable to interpret <[2011-07-15 22:22:30 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}> in the current context!
Error: Unable to interpret <[2011-07-15 23:28:13 | 000,000,000 | ---D | M] (Facemoods) -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com> in the current context!
Error: Unable to interpret <[2011-09-25 14:19:44 | 000,002,566 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\askcom.xml> in the current context!
Error: Unable to interpret <[2011-08-27 18:09:44 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\conduit.xml> in the current context!
Error: Unable to interpret <[2011-08-09 14:09:21 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SearchResults.xml> in the current context!
Error: Unable to interpret <[2011-07-15 22:23:47 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SweetIM Search.xml> in the current context!
Error: Unable to interpret <[2011-07-15 22:21:59 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\sweetim.xml> in the current context!
Error: Unable to interpret <[2011-11-20 15:20:15 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de> in the current context!
Error: Unable to interpret <[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM> in the current context!
Error: Unable to interpret <[2011-12-28 20:40:39 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF> in the current context!
Error: Unable to interpret <O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)> in the current context!
Error: Unable to interpret <O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)> in the current context!
Error: Unable to interpret <O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)> in the current context!
Error: Unable to interpret <O2 - BHO: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll (Spigot, Inc.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (MediaBar) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKU\S-1-5-21-1292428093-1482476501-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [] File not found> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)> in the current context!
========== FILES ==========
C:\Program Files\Common Files\ApnToolbarInstaller.exe moved successfully.
C:\Program Files\Common Files\ApnStub.exe moved successfully.
C:\Documents and Settings\All Users\Dane aplikacji\830D folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\QuickStoresToolbar folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Search Settings\temp folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Search Settings\res folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Search Settings folder moved successfully.
File\Folder C:\Program Files\MyGlobalSearch not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
->Flash cache emptied: 35 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: u
->Temp folder emptied: 516942989 bytes
->Temporary Internet Files folder emptied: 51543328 bytes
->Java cache emptied: 156538 bytes
->FireFox cache emptied: 45364106 bytes
->Google Chrome cache emptied: 223974891 bytes
->Flash cache emptied: 47533 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 98304 bytes
%systemroot%\System32 .tmp files removed: 2596 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 491628 bytes
RecycleBin emptied: 52770576 bytes

Total Files Cleaned = 850,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02052012_133353
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
[/spoiler]

po czym zrobiłem jeszcze jeden Wykonaj skrypt i drugi raport był taki.
[spoiler]All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1292428093-1482476501-1417001333-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ not found.
C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll moved successfully.
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "http://www.aol.com" removed from browser.startup.homepage
Prefs.js: "http://www.aol.com" removed from browser.startup.homepage
Prefs.js: "http://www.aol.com" removed from browser.startup.homepage
Prefs.js: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=2&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\searchplugin folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\modules folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\META-INF folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\defaults folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\chrome folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612} folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}\searchplugin folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}\modules folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}\META-INF folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}\defaults folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}\components folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5}\chrome folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{ab64cb5e-bb6c-4761-b0c5-fd51824f89c5} folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\components folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\searchbar folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\options folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\uwa folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio\css folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\radio folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\default folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels\css folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib\panels folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin\lib folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\skin folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\scripts folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin\css folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2\skin folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2\js folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2\css folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\net.vmn.www.Coupons_v2 folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets\com.djboxservice.dj.DJBox folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\widgets folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\modules folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\lib folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\data\search folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content\data folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome\content folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\chrome folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\skin folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\nl-NL folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\it-IT folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\fr-FR folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\es-ES folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\en-US folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\de-DE folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\content folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com\defaults folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com\content\preferences folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com\content\images folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com\content folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com\components folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com\chrome folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\extensions\ffxtlbr@Facemoods.com folder moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SearchResults.xml moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\SweetIM Search.xml moved successfully.
C:\Documents and Settings\u\Dane aplikacji\Mozilla\Firefox\Profiles\6zhh3pm6.default\searchplugins\sweetim.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\components folder moved successfully.
C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM folder moved successfully.
C:\PROGRAM FILES\IOBIT TOOLBAR\FF\chrome\skin folder moved successfully.
C:\PROGRAM FILES\IOBIT TOOLBAR\FF\chrome\locale\EN-US folder moved successfully.
C:\PROGRAM FILES\IOBIT TOOLBAR\FF\chrome\locale folder moved successfully.
C:\PROGRAM FILES\IOBIT TOOLBAR\FF\chrome\content folder moved successfully.
C:\PROGRAM FILES\IOBIT TOOLBAR\FF\chrome folder moved successfully.
C:\PROGRAM FILES\IOBIT TOOLBAR\FF folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ not found.
File C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ not found.
C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ not found.
C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ not found.
File C:\Program Files\IObit Toolbar\IE\4.9\iobitToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
File C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\bsdtxmltbpi.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ deleted successfully.
C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-1482476501-1417001333-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-1482476501-1417001333-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??????\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\datamngr.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\datamngr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~1\BEARSH~2\MediaBar\Datamngr\IEBHO.dll) -C:\Program Files\BearShare Applications\MediaBar\Datamngr\IEBHO.dll not found.
========== FILES ==========
File\Folder C:\Program Files\Common Files\ApnToolbarInstaller.exe not found.
File\Folder C:\Program Files\Common Files\ApnStub.exe not found.
File\Folder C:\Documents and Settings\All Users\Dane aplikacji\830D not found.
File\Folder C:\Documents and Settings\u\Dane aplikacji\QuickStoresToolbar not found.
File\Folder C:\Documents and Settings\u\Dane aplikacji\Search Settings not found.
File\Folder C:\Program Files\MyGlobalSearch not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: u
->Temp folder emptied: 3556930 bytes
->Temporary Internet Files folder emptied: 646240 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 220704116 bytes
->Flash cache emptied: 1187 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 1880840 bytes

Total Files Cleaned = 216,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02052012_190224
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
[/spoiler]

Logi z GAMER[log]GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-06 21:29:14
Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_SV4003H rev.RB100-02
Running: d61qlzhj.exe; Driver: C:\DOCUME~1\u\USTAWI~1\Temp\uxxdyaow.sys

---- System - GMER 1.0.15 ----
SSDT sptd.sys ZwCreateKey [0xF7396FA0]
SSDT sptd.sys ZwEnumerateKey [0xF73CB018]
SSDT sptd.sys ZwEnumerateValueKey [0xF73CB3A6]
SSDT sptd.sys ZwOpenKey [0xF7396F80]
SSDT sptd.sys ZwQueryKey [0xF73CB47E]
SSDT sptd.sys ZwQueryValueKey [0xF73CB2FE]
SSDT sptd.sys ZwSetValueKey [0xF73CB510]
INT 0x62 ? 859A3CB8
INT 0x73 ? 856E2CB8
INT 0x73 ? 856E2CB8
INT 0x73 ? 856E2CB8
INT 0x73 ? 856E2CB8
INT 0x73 ? 856E2CB8
INT 0x73 ? 856E2CB8
INT 0x82 ? 859A3CB8
---- Kernel code sections - GMER 1.0.15 ----
.text sptd.sys F735A000 32 Bytes [E0, 36, 6D, 80, 5E, 87, 6D, ...]
.text sptd.sys F735A024 408 Bytes [72, 1A, 53, 80, 80, 4F, 54, ...]
.text sptd.sys F735A1BD 15 Bytes [70, 53, 80, D2, F7, 5C, 80, ...]
.text sptd.sys F735A1D4 4 Bytes [F3, A5, 6A, 4D] {REP MOVSD ; PUSH 0x4d}
.text sptd.sys F735A1DC 1 Byte [02]
.text ...
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xF74049E3]
? C:\WINDOWS\system32\drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
.text USBPORT.SYS!DllUnload F70D68AC 5 Bytes JMP 856E21C8
.text ahpqpdmo.SYS F6C59306 74 Bytes [00, 00, 00, 40, 03, 00, 40, ...]
.text ahpqpdmo.SYS F6C59351 87 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text ahpqpdmo.SYS F6C593A9 10 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text ahpqpdmo.SYS F6C593B4 34 Bytes [40, 00, 00, C8, 50, 41, 47, ...]
.text ahpqpdmo.SYS F6C593D7 1 Byte [00]
.text ...
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [F735C20E] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [F735B70C] sptd.sys
IAT \WINDOWS\system32\DRIVERS\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [F735BEEE] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F735B70C] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F735B8F0] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F735B832] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F735C0CC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F735BEEE] sptd.sys
IAT \SystemRoot\System32\Drivers\ahpqpdmo.SYS[HAL.dll!KeGetCurrentIrql] 830C4D8A
IAT \SystemRoot\System32\Drivers\ahpqpdmo.SYS[HAL.dll!KfAcquireSpinLock] 0001CCB8
IAT \SystemRoot\System32\Drivers\ahpqpdmo.SYS[HAL.dll!KfReleaseSpinLock] 48880000
IAT \SystemRoot\System32\Drivers\ahpqpdmo.SYS[HAL.dll!KfRaiseIrql] C0940F68
IAT \SystemRoot\System32\Drivers\ahpqpdmo.SYS[HAL.dll!KfLowerIrql] 8B55C35D
IAT \SystemRoot\System32\Drivers\ahpqpdmo.SYS[USBD.SYS!USBD_CreateConfigurationRequestEx] 458D5653
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F736FF56] sptd.sys
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 859A21E8
Device \Driver\usbuhci \Device\USBPDO-0 858481E8
Device \Driver\PCI_PNP9628 \Device\00000044 sptd.sys
Device \Driver\usbuhci \Device\USBPDO-1 858481E8
Device \Driver\usbuhci \Device\USBPDO-2 858481E8
Device \Driver\usbuhci \Device\USBPDO-3 858481E8
Device \Driver\usbehci \Device\USBPDO-4 856CB1E8
Device \Driver\Cdrom \Device\CdRom0 856F41E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F72C5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F72C5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F72C5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F72C5B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom1 856F41E8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8587C1E8
Device \Driver\NetBT \Device\NetbiosSmb 8587C1E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{266FC8B5-672E-474F-8C3C-43EC40731605} 8587C1E8
Device \Driver\usbuhci \Device\USBFDO-0 858481E8
Device \Driver\usbuhci \Device\USBFDO-1 858481E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 856A91E8
Device \Driver\usbuhci \Device\USBFDO-2 858481E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 856A91E8
Device \Driver\usbuhci \Device\USBFDO-3 858481E8
Device \Driver\usbehci \Device\USBFDO-4 856CB1E8
Device \Driver\ahpqpdmo \Device\Scsi\ahpqpdmo1Port2Path0Target0Lun0 855F31E8
Device \Driver\ahpqpdmo \Device\Scsi\ahpqpdmo1 855F31E8
Device \FileSystem\Cdfs \Cdfs 852D0430
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD1 0x93 0x01 0x4D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x5C 0x4A 0x47 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4D 0xB2 0xAD 0x86 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFB 0xB4 0x5C 0xCC ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD1 0x93 0x01 0x4D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x5D 0x5C 0x4A 0x47 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x4D 0xB2 0xAD 0x86 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFB 0xB4 0x5C 0xCC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{2952154b-77d4-47e8-a1b2-502af024900b}@Model 219
Reg HKLM\SOFTWARE\Classes\CLSID\{2952154b-77d4-47e8-a1b2-502af024900b}@Therad 31
Reg HKLM\SOFTWARE\Classes\CLSID\{2952154b-77d4-47e8-a1b2-502af024900b}@MData 0x2B 0x8F 0x78 0x29 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}@scansk 0x6A 0x88 0xA4 0xA4 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{10F21F0D-BCA7-9E26-E654-9A8B84FFA95F}
---- EOF - GMER 1.0.15 ----
[/log]

Natsuki Kuga
komentarz
komentarz

Do [url="http://jpshortstuff.247fixes.com/SystemLook.exe"][b]SystemLook[/b][/url] wklej:
[code]
:file
C:\System32\Drivers\ahpqpdmo.SYS
[/code]
[b]Look,[/b] pokaż raport.

  • Dobra wypowiedź 1
kahan32
komentarz
komentarz

[spoiler]SystemLook 30.07.11 by jpshortstuff
Log created at 16:03 on 07/02/2012 by u
Administrator - Elevation successful
========== file ==========
C:\System32\Drivers\ahpqpdmo.SYS - Unable to find/read file.
-= EOF =-[/spoiler]

Takie coś z sYSTEM Look

Natsuki Kuga
komentarz
komentarz

Jest ok.

W OTL kliknij [b]Sprzątanie[/b] - to usunie go wraz z jego kwarantanną. Inne narzędzia użyte w tym temacie też możesz usunąć.

  • Dobra wypowiedź 1
kahan32
komentarz
komentarz

Czyli keyylogera nie mam?
Thx za pomoc
Pozdrawiam

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.