x-kom hosting

[Rozwiązane] Problem z explorer.exe - czarny ekran + kursor

bobstar
utworzono
utworzono

Witam. proszę o pomoc. Gdy włączam laptopa (MSI PR600) system (VISTA 32) uruchamia się do momentu pojawienia się czarnego ekranu + kursora.
aby uruchomić pulpit, musze dać alt+ctrl+del i w menagerze zadań dodać nowe zadanie explorer.exe.
dopiero wtedy komputer "ładuje się" normalnie i pojawia się pulpit itp.
poniżej logi. prosze o pomoc jak naprawić ten problem
pozdrawiam

Log z otl: otl.txt
[log]
OTL logfile created on: 2012-04-20 09:38:06 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Gosia\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 0,64 Gb Available Physical Memory | 32,10% Memory free
4,22 Gb Paging File | 2,76 Gb Available in Paging File | 65,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,87 Gb Total Space | 3,60 Gb Free Space | 4,06% Space Free | Partition Type: NTFS
Drive E: | 59,20 Gb Total Space | 9,55 Gb Free Space | 16,13% Space Free | Partition Type: NTFS

Computer Name: GOSIA-PC | User Name: Gosia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-04-20 09:35:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
PRC - [2012-03-29 16:56:31 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2012-03-03 12:05:37 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11f_ActiveX.exe
PRC - [2012-02-29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2012-02-24 19:58:24 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011-11-16 16:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2011-08-26 09:51:45 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Gosia\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2011-04-13 22:16:03 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2011-04-12 18:07:38 | 000,198,656 | ---- | M] () -- C:\Users\Gosia\winlogon.exe
PRC - [2010-11-04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2010-08-17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-01-19 18:29:02 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010-01-19 18:27:18 | 001,043,784 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009-11-09 05:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009-06-07 14:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
PRC - [2009-04-30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 08:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009-02-26 13:57:18 | 000,252,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2009-02-26 13:57:16 | 000,150,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2009-02-26 13:57:12 | 000,173,592 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2009-01-10 04:07:13 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-06-14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMCONFIG.exe
PRC - [2008-05-30 01:22:32 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMProcess.exe
PRC - [2008-05-30 01:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\StartAutorun.exe
PRC - [2008-05-30 01:22:32 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMWDSrv.exe
PRC - [2008-01-29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008-01-18 23:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2008-01-18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008-01-18 23:33:38 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2008-01-18 23:33:38 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-18 23:33:16 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-18 23:33:06 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2007-02-12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro\o2flash.exe
PRC - [2006-12-19 16:23:38 | 000,272,024 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
PRC - [2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2006-03-22 12:07:22 | 000,040,960 | ---- | M] () -- C:\Program Files\System Control Manager\edd.exe
PRC - [2006-02-28 13:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2005-02-16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-04-20 09:35:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
MOD - [2012-03-29 16:56:32 | 001,969,112 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\mozjs.dll
MOD - [2012-03-29 16:56:32 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\freebl3.dll
MOD - [2012-03-29 16:56:32 | 000,033,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\mozglue.dll
MOD - [2012-03-29 16:56:32 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\mozalloc.dll
MOD - [2012-03-29 16:56:31 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\nss3.dll
MOD - [2012-03-29 16:56:31 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
MOD - [2012-03-29 16:56:31 | 000,371,672 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Thunderbird\mozsqlite3.dll
MOD - [2012-03-29 16:56:31 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\nssckbi.dll
MOD - [2012-03-29 16:56:31 | 000,175,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\nspr4.dll
MOD - [2012-03-29 16:56:31 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\softokn3.dll
MOD - [2012-03-29 16:56:31 | 000,162,776 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012-03-29 16:56:31 | 000,158,680 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\ssl3.dll
MOD - [2012-03-29 16:56:31 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\nssdbm3.dll
MOD - [2012-03-29 16:56:31 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\smime3.dll
MOD - [2012-03-29 16:56:31 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\nssutil3.dll
MOD - [2012-03-29 16:56:31 | 000,021,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\plc4.dll
MOD - [2012-03-29 16:56:31 | 000,021,976 | ---- | M] () -- C:\Program Files\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012-03-29 16:56:31 | 000,018,904 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\plds4.dll
MOD - [2012-03-29 16:56:30 | 016,911,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\xul.dll
MOD - [2012-03-29 16:56:30 | 000,019,416 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Thunderbird\xpcom.dll
MOD - [2012-03-22 12:58:12 | 001,231,472 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6934F32E05F1ABDC.dll
MOD - [2012-03-22 12:57:44 | 003,050,608 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_17695C964715481C.dll
MOD - [2012-03-22 12:57:39 | 000,192,112 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
MOD - [2012-03-21 21:07:37 | 000,821,672 | ---- | M] (Google Inc.) -- C:\Users\Gosia\AppData\Local\Google\Update\1.3.21.111\goopdate.dll
MOD - [2012-03-03 12:05:37 | 008,632,480 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\Flash11f.ocx
MOD - [2012-03-03 12:05:37 | 000,335,520 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11f_ActiveX.dll
MOD - [2012-03-03 12:05:37 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11f_ActiveX.exe
MOD - [2012-02-29 17:11:42 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
MOD - [2012-02-29 17:09:53 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2012-02-29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
MOD - [2012-02-28 03:52:25 | 012,281,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
MOD - [2012-02-28 03:27:13 | 009,705,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2012-02-28 03:18:55 | 001,799,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
MOD - [2012-02-28 03:12:01 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2012-02-28 03:11:07 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2012-02-28 03:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEShims.dll
MOD - [2012-02-28 03:04:32 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2012-02-28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
MOD - [2012-02-24 19:58:24 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
MOD - [2012-02-14 17:45:30 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
MOD - [2012-02-14 17:45:30 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
MOD - [2012-02-13 16:12:08 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
MOD - [2012-02-13 15:47:57 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
MOD - [2012-02-13 15:44:40 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
MOD - [2012-01-10 21:00:33 | 001,003,576 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
MOD - [2012-01-10 21:00:33 | 000,150,072 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\gtn.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011-12-14 18:17:47 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2011-11-18 22:23:34 | 001,205,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
MOD - [2011-11-16 18:23:08 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2011-11-16 18:23:05 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2011-10-14 18:03:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2011-09-30 17:57:08 | 000,707,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\wab32.dll
MOD - [2011-08-26 09:51:45 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Gosia\AppData\Local\Google\Update\GoogleUpdate.exe
MOD - [2011-08-25 18:14:01 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2011-08-25 18:14:01 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2011-08-25 15:31:01 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
MOD - [2011-07-03 01:42:31 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011-07-03 01:42:31 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011-06-15 18:12:11 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2011-06-09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2011-05-25 19:29:22 | 000,072,192 | ---- | M] (Martin Prikryl) -- C:\Program Files\WinSCP\DragExt.dll
MOD - [2011-05-02 19:16:14 | 000,739,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
MOD - [2011-04-13 22:16:04 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2011-04-13 22:16:03 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
MOD - [2011-04-13 22:16:03 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
MOD - [2011-04-13 22:16:02 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
MOD - [2011-04-13 22:16:02 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
MOD - [2011-04-13 22:16:02 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
MOD - [2011-04-13 22:16:02 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll
MOD - [2011-04-13 22:16:01 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2011-04-13 22:16:00 | 000,766,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll
MOD - [2011-04-13 22:16:00 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
MOD - [2011-04-12 18:07:38 | 000,892,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2011-04-12 18:07:38 | 000,198,656 | ---- | M] () -- C:\Users\Gosia\winlogon.exe
MOD - [2011-03-03 17:40:05 | 000,542,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2011-03-03 17:40:05 | 000,458,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcSpecfc.dll
MOD - [2011-03-02 17:44:26 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
MOD - [2011-01-21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2011-01-21 18:35:22 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2011-01-20 18:08:16 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
MOD - [2011-01-20 18:08:06 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
MOD - [2011-01-20 18:08:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
MOD - [2011-01-20 18:07:42 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2011-01-20 18:07:16 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2011-01-20 18:07:03 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-11-04 20:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
MOD - [2010-11-04 20:51:35 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\GdiPlus.dll
MOD - [2010-11-04 18:34:06 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010-08-31 17:43:52 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
MOD - [2010-08-26 18:37:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
MOD - [2010-08-12 15:54:30 | 000,105,952 | ---- | M] (VS Revo Group) -- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll
MOD - [2010-06-28 19:00:21 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-06-18 19:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
MOD - [2010-06-11 18:15:06 | 001,248,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
MOD - [2010-05-04 21:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2010-04-16 18:46:48 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2010-01-29 17:40:43 | 001,616,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\msoe.dll
MOD - [2010-01-19 18:29:02 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
MOD - [2010-01-19 18:24:44 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
MOD - [2009-11-09 05:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
MOD - [2009-11-09 05:15:42 | 000,163,840 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOSH.DLL
MOD - [2009-10-23 19:10:19 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2009-10-01 03:02:04 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2009-10-01 03:02:02 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll
MOD - [2009-10-01 03:01:59 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009-09-25 04:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2009-09-25 04:07:08 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
MOD - [2009-09-04 13:41:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2009-08-11 18:44:26 | 001,401,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
MOD - [2009-07-17 15:54:43 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-11 21:01:41 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2009-06-15 16:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-06-15 16:51:38 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2009-04-30 16:01:00 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\TEMP\logishrd\LVPrcInj01.dll
MOD - [2009-04-23 14:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-11 08:28:26 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
MOD - [2009-04-11 08:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll
MOD - [2009-04-11 08:28:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009-04-11 08:28:25 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009-04-11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009-04-11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009-04-11 08:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 001,576,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2009-04-11 08:28:24 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2009-04-11 08:28:24 | 000,203,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 003,174,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2009-04-11 08:28:23 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2009-04-11 08:28:23 | 001,823,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2009-04-11 08:28:23 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
MOD - [2009-04-11 08:28:23 | 001,381,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
MOD - [2009-04-11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2009-04-11 08:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2009-04-11 08:28:22 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2009-04-11 08:28:22 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2009-04-11 08:28:21 | 002,241,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2009-04-11 08:28:21 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2009-04-11 08:28:20 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,564,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
MOD - [2009-04-11 08:28:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2009-04-11 08:28:20 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2009-04-11 08:28:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:20 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009-04-11 08:28:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009-04-11 08:28:19 | 001,459,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
MOD - [2009-04-11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009-04-11 08:28:19 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2009-04-11 08:28:19 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009-04-11 08:28:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
MOD - [2009-04-11 08:28:19 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
MOD - [2009-04-11 08:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009-04-11 08:28:19 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2009-04-11 08:28:19 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
MOD - [2009-04-11 08:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2009-04-11 08:28:18 | 001,985,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2009-04-11 08:28:18 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2009-04-11 08:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll
MOD - [2009-04-11 08:28:18 | 001,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
MOD - [2009-04-11 08:28:18 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2009-04-11 08:28:18 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,323,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
MOD - [2009-04-11 08:28:18 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2009-04-11 08:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2009-04-11 08:28:18 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
MOD - [2009-04-11 08:28:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2009-04-11 08:28:18 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
MOD - [2009-04-11 08:28:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 08:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
MOD - [2009-04-11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
MOD - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009-04-11 08:27:12 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2009-04-11 08:27:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2009-04-11 08:27:12 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2009-02-26 13:57:18 | 000,252,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
MOD - [2009-02-26 13:57:16 | 000,150,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
MOD - [2009-02-26 13:57:12 | 000,173,592 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
MOD - [2009-02-26 13:39:46 | 003,821,568 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
MOD - [2009-02-26 13:08:10 | 000,287,744 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc
MOD - [2009-02-26 13:05:12 | 000,257,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll
MOD - [2009-02-26 13:04:20 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
MOD - [2009-02-26 13:03:52 | 000,094,208 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
MOD - [2009-02-26 13:03:46 | 000,210,432 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll
MOD - [2009-02-26 12:34:14 | 000,536,576 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll
MOD - [2009-01-10 04:07:13 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MOD - [2008-06-16 09:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Mouse Driver\MouseHook.dll
MOD - [2008-06-14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMCONFIG.exe
MOD - [2008-05-30 01:22:32 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMProcess.exe
MOD - [2008-05-30 01:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\StartAutorun.exe
MOD - [2008-01-18 23:38:16 | 000,090,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpOAV.dll
MOD - [2008-01-18 23:38:04 | 000,155,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dssenh.dll
MOD - [2008-01-18 23:37:12 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2008-01-18 23:37:12 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2008-01-18 23:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2008-01-18 23:37:12 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2008-01-18 23:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-18 23:37:06 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnssci.dll
MOD - [2008-01-18 23:36:58 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
MOD - [2008-01-18 23:36:56 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2008-01-18 23:36:50 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2008-01-18 23:36:50 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2008-01-18 23:36:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-18 23:36:48 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-18 23:36:42 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
MOD - [2008-01-18 23:36:42 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
MOD - [2008-01-18 23:36:40 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll
MOD - [2008-01-18 23:36:40 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
MOD - [2008-01-18 23:36:38 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008-01-18 23:36:36 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-18 23:36:26 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
MOD - [2008-01-18 23:36:16 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2008-01-18 23:36:16 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
MOD - [2008-01-18 23:36:14 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2008-01-18 23:36:08 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll
MOD - [2008-01-18 23:36:08 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2008-01-18 23:36:02 | 000,688,128 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\Ole DB\oledb32.dll
MOD - [2008-01-18 23:36:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
MOD - [2008-01-18 23:36:00 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2008-01-18 23:36:00 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll
MOD - [2008-01-18 23:36:00 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
MOD - [2008-01-18 23:35:58 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-18 23:35:40 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
MOD - [2008-01-18 23:35:40 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2008-01-18 23:35:38 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll
MOD - [2008-01-18 23:35:36 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2008-01-18 23:35:14 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstask.dll
MOD - [2008-01-18 23:35:14 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll
MOD - [2008-01-18 23:35:14 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
MOD - [2008-01-18 23:35:12 | 000,475,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msidcrl30.dll
MOD - [2008-01-18 23:35:12 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msident.dll
MOD - [2008-01-18 23:34:56 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdart.dll
MOD - [2008-01-18 23:34:56 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2008-01-18 23:34:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2008-01-18 23:34:50 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2008-01-18 23:34:28 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2008-01-18 23:34:10 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
MOD - [2008-01-18 23:34:08 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2008-01-18 23:34:08 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2008-01-18 23:34:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2008-01-18 23:34:06 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dispex.dll
MOD - [2008-01-18 23:34:04 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2008-01-18 23:34:04 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2008-01-18 23:34:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2008-01-18 23:34:04 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2008-01-18 23:34:02 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll
MOD - [2008-01-18 23:34:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2008-01-18 23:33:54 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-18 23:33:50 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
MOD - [2008-01-18 23:33:48 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2008-01-18 23:33:46 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2008-01-18 23:33:44 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2008-01-18 23:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
MOD - [2008-01-18 23:33:38 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
MOD - [2008-01-18 23:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-01-05 03:23:06 | 000,336,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\OESpamFilter.dll
MOD - [2007-09-20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007-03-29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Mouse Driver\keydll.dll
MOD - [2006-11-02 14:34:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2006-11-02 14:34:04 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2006-11-02 14:33:52 | 002,836,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\MSOERES.dll
MOD - [2006-11-02 14:33:49 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2006-11-02 11:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006-11-02 11:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006-11-02 11:46:13 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll
MOD - [2006-11-02 11:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006-11-02 11:46:13 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shimeng.dll
MOD - [2006-11-02 11:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006-11-02 11:46:13 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2006-11-02 11:46:12 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
MOD - [2006-11-02 11:46:12 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pautoenr.dll
MOD - [2006-11-02 11:46:12 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pstorec.dll
MOD - [2006-11-02 11:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2006-11-02 11:46:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll
MOD - [2006-11-02 11:46:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2006-11-02 11:46:05 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
MOD - [2006-11-02 11:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006-11-02 11:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll
MOD - [2006-11-02 11:46:03 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddrawex.dll
MOD - [2006-11-02 11:46:03 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
MOD - [2006-11-02 11:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2006-11-02 11:46:02 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2006-11-02 10:48:55 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
MOD - [2006-11-02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll
MOD - [2006-11-02 09:28:12 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\wab32res.dll
MOD - [2006-11-02 09:28:10 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll
MOD - [2006-07-10 12:00:00 | 000,141,312 | ---- | M] () -- C:\Program Files\ZipZag\zipzagcm.dll
MOD - [2006-02-28 13:42:30 | 000,094,208 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll
MOD - [2005-02-16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- -- (IAANTMON) Intel®
SRV - File not found [Auto | Stopped] -- -- (ASKUpgrade)
SRV - File not found [Auto | Stopped] -- -- (ASKService)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011-10-18 10:16:06 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010-01-19 18:27:18 | 001,043,784 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010-01-19 18:24:12 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009-11-14 15:29:06 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2009-06-07 14:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
SRV - [2009-04-30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-05-30 01:22:32 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-03-03 21:36:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-01-29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-18 23:36:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-18 23:36:16 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-02-12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro\o2flash.exe -- (o2flash)
SRV - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006-03-22 12:07:22 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\System Control Manager\edd.exe -- (NishService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (as2ktgea)
DRV - [2009-12-30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009-11-09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-10-14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009-05-01 01:03:08 | 006,754,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009-05-01 01:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009-05-01 01:00:00 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009-04-30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-03-31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-24 20:07:38 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009-03-20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009-01-13 09:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-04-18 12:30:29 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008-03-22 11:31:58 | 000,017,024 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2007-03-09 08:01:00 | 000,035,968 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2007-03-05 15:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-12-22 06:21:52 | 000,019,456 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - [2006-11-30 20:55:00 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2006-11-20 18:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006-11-20 09:14:08 | 000,038,400 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2006-11-02 18:41:00 | 000,053,504 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006-11-02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-10-28 01:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006-10-10 20:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006-10-05 17:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2005-08-01 17:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005-01-06 14:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/"]http://startsear.ch/[/url]
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url]
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7"]http://www.google.co...g}&sourceid=ie7[/url]
IE - HKLM\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = [url="http://startsear.ch/?q=%7BsearchTerms"]http://startsear.ch/?q={searchTerms[/url]}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7"]http://www.google.co...g}&sourceid=ie7[/url]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7"]http://www.google.co...g}&sourceid=ie7[/url]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.onet.pl/"]http://www.onet.pl/[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [url="http://search.babylon.com/web/%7BsearchTerms%7D?babsrc=browsersearch&AF=15627"]http://search.babylo...search&AF=15627[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.pl/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7&rlz=1I7GGLL_plPL325"]http://www.google.pl...1I7GGLL_plPL325[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = [url="http://startsear.ch/?q=%7BsearchTerms"]http://startsear.ch/?q={searchTerms[/url]}
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://isearch.avg.com/search?cid=%7B13D3E8E6-4BF8-452D-907E-1F206EDB52DF%7D&mid=32904b96a97447d08753d154d4afaae5-be72f898c1c2c2df576d9b216766416aed369e44&lang=pl&ds=gm011&pr=sa&d=2012-03-26"]http://isearch.avg.c...sa&d=2012-03-26[/url] 20:03:05&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gosia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gosia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 16:49:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-16 21:38:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-11-14 13:55:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012-04-16 21:38:39 | 000,000,000 | ---D | M]

[2010-08-19 15:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Extensions
[2010-08-19 15:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-04-16 22:54:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions
[2010-04-29 09:04:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-04-11 11:48:50 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2008-12-23 12:28:35 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011-01-10 11:12:01 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\firesheep@codebutler.com
[2009-12-04 13:35:13 | 000,000,000 | ---D | M] (SeoQuake Plugin - Seolinx) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\seoquake-plugin-seolinx@seoquake.com
[2012-01-17 01:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-30 12:31:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-03-22 16:49:08 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-10-07 12:19:18 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-26 20:03:00 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010-12-27 10:02:05 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-10-07 12:19:18 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-10-07 12:19:18 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-10-07 12:19:18 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-10-07 12:19:18 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-10-07 12:19:18 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = [url="http://isearch.avg.com/search?cid=%7B13D3E8E6-4BF8-452D-907E-1F206EDB52DF%7D&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q=%7BsearchTerms"]http://isearch.avg.c...&q={searchTerms[/url]}
CHR - default_search_provider: suggest_url = [url="http://clients5.google.com/complete/search?hl=%7Blanguage%7D&q=%7BsearchTerms%7D&client=ie8&inputencoding=%7BinputEncoding%7D&outputencoding=%7BoutputEncoding"]http://clients5.goog...{outputEncoding[/url]}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Babylon Translator = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
CHR - Extension: Edit This Cookie = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\0.14.8_0\
CHR - Extension: Skype Click to Call = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: SEO SERP = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoaoaloeipdofknnaapbmdddddioklg\0.14.4_0\
CHR - Extension: Gmail = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - E:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe File not found
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-777273053-2809330852-579202895-1000..\Run: [GG] C:\Users\Gosia\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-777273053-2809330852-579202895-1000..\Run: [winlogon] C:\Users\Gosia\winlogon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: com.tw ([asia.msi] http in Local intranet)
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: com.tw ([global.msi] http in Local intranet)
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: com.tw ([www.msi] http in Local intranet)
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: google.pl ([www] https in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [url="http://download.eset.com/special/eos/OnlineScanner.cab"]http://download.eset...lineScanner.cab[/url] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [url="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab"]http://platformdl.ad...Plus/1.6/gp.cab[/url] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC3D5EA7-EC0A-4BB6-BDE9-F4DDD20D4D7D}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDA372CA-4DD5-4BCA-B90E-9B4BE5AFD8FA}: DhcpNameServer = 8.8.8.8 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-777273053-2809330852-579202895-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-777273053-2809330852-579202895-1000 Winlogon: Shell - ("C:\Users\Gosia\winlogon.exe") - C:\Users\Gosia\winlogon.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Gosia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gosia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-03-28 21:10:33 | 000,028,676 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\Shell\open\Command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{cf69978f-8b50-11df-9025-001d924b4316}\Shell - "" = AutoRun
O33 - MountPoints2\{d9bb8940-a130-11df-8a7c-001d924b4316}\Shell - "" = Autorun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]crrss[/b] - hkey= - key= - File not found
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-04-20 09:35:02 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
[2012-04-16 22:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-03-31 22:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4
[2012-03-31 22:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Deluxe Ski Jump 4
[2012-03-31 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\Gosia\Documents\Deluxe Ski Jump 4
[2012-03-30 12:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-03-30 12:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-03-28 08:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-03-28 08:17:56 | 000,000,000 | --SD | C] -- C:\Users\Gosia\GG dysk
[2012-03-26 20:02:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012-03-03 12:26:17 | 000,000,000 | ---D | C] -- C:\Users\Gosia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG
[2012-03-02 15:27:59 | 000,000,000 | ---D | C] -- C:\Users\Gosia\AppData\Roaming\GG
[2012-03-02 15:26:41 | 000,000,000 | ---D | C] -- C:\Users\Gosia\AppData\Local\GG
[1 C:\Users\Gosia\AppData\Local\*.tmp files -> C:\Users\Gosia\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-04-20 09:35:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
[2012-04-20 09:32:02 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2012-04-20 09:30:02 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2012-04-20 09:19:22 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-20 09:19:20 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-20 09:19:20 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-20 09:19:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-20 07:34:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-04-19 23:12:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000UA.job
[2012-04-19 23:02:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-19 22:32:33 | 000,116,736 | ---- | M] () -- C:\Users\Gosia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-04-19 20:12:02 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000Core.job
[2012-04-19 13:41:00 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012-04-16 21:38:41 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-04-14 19:37:46 | 000,714,674 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-14 19:37:46 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-14 19:37:46 | 000,152,718 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-14 19:37:46 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-03-28 08:51:49 | 000,100,983 | ---- | M] () -- C:\Users\Gosia\Documents\eboa.hyperion.pl_public_4all_faktura.php_id=9705&format=html&r=2012&re=FS.pdf
[2012-03-26 11:08:32 | 000,075,595 | ---- | M] () -- C:\Users\Gosia\Desktop\fakturaAz-tourispace.pdf
[2012-03-16 22:08:03 | 000,000,680 | ---- | M] () -- C:\Users\Gosia\AppData\Local\d3d9caps.dat
[2012-03-15 04:32:08 | 001,713,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Users\Gosia\AppData\Local\*.tmp files -> C:\Users\Gosia\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-18 09:58:08 | 000,001,213 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012-04-16 21:38:41 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-03-28 08:51:49 | 000,100,983 | ---- | C] () -- C:\Users\Gosia\Documents\eboa.hyperion.pl_public_4all_faktura.php_id=9705&format=html&r=2012&re=FS.pdf
[2012-03-26 11:08:32 | 000,075,595 | ---- | C] () -- C:\Users\Gosia\Desktop\fakturaAz-tourispace.pdf
[2011-11-06 22:33:20 | 000,001,958 | ---- | C] () -- C:\Windows\System32\enbseries.ini
[2011-09-25 00:51:40 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-09-25 00:51:40 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-06-23 21:12:33 | 000,884,736 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2011-06-23 21:12:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2011-06-23 21:12:31 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2011-06-23 21:12:30 | 000,491,520 | ---- | C] () -- C:\Windows\System32\mp3lib.dll
[2011-06-23 21:12:29 | 000,204,800 | ---- | C] () -- C:\Windows\System32\libvorbis.dll
[2011-06-23 21:12:29 | 000,147,522 | ---- | C] () -- C:\Windows\System32\language.ini
[2011-06-23 21:12:29 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LameEncShim.dll
[2011-06-23 21:12:28 | 000,688,128 | ---- | C] () -- C:\Windows\System32\ia32math.dll
[2011-06-23 21:12:28 | 000,212,992 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011-06-23 21:12:24 | 000,070,018 | ---- | C] () -- C:\Windows\System32\akrip32.dll
[2011-06-20 22:46:28 | 000,000,600 | ---- | C] () -- C:\Users\Gosia\AppData\Roaming\winscp.rnd
[2010-10-27 10:06:29 | 000,004,096 | -H-- | C] () -- C:\Users\Gosia\AppData\Local\keyfile3.drm
[2010-06-16 17:24:16 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010-06-07 16:46:43 | 000,000,680 | ---- | C] () -- C:\Users\Gosia\AppData\Local\d3d9caps.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009-02-04 00:01:47 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\2K Sports
[2011-03-11 10:57:14 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Azureus
[2008-06-28 12:50:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Blumentals
[2010-07-15 08:25:17 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Bytemobile
[2012-04-19 10:33:43 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\CuteRank
[2008-04-18 12:30:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\DAEMON Tools
[2010-07-15 08:30:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\ERA
[2011-12-12 16:46:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\EurekaLog
[2012-04-17 14:04:05 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\FileZilla
[2011-06-08 13:32:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Free Monitor for Google
[2008-03-03 23:33:34 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Gadu-Gadu
[2010-04-27 14:55:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Gadu-Gadu 10
[2008-04-04 23:25:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GameHouse
[2012-04-20 09:29:34 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GG
[2008-06-21 00:16:39 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GHISLER
[2010-07-10 10:26:08 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\JAlbum
[2008-11-17 23:29:47 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Leadertech
[2012-03-26 15:02:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009-05-30 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\My Games
[2010-06-26 12:09:35 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\OpenFM
[2010-05-21 01:04:55 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\OpenOffice.org
[2010-05-28 14:26:11 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Opera
[2009-09-21 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PC Suite
[2008-03-26 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PeerNetworking
[2009-11-12 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Piechnat Soft
[2008-03-01 18:51:06 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Pogo Games
[2009-06-08 02:37:25 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PPMate
[2010-11-11 23:17:49 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Raptr
[2009-09-21 19:03:19 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Samsung
[2008-08-22 13:38:25 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Silver Style Entertainment
[2010-08-16 14:57:12 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Softland
[2009-03-10 15:31:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\SoftMaker
[2010-06-02 12:46:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Softplicity
[2010-08-19 15:41:30 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Thunderbird
[2011-10-18 10:15:55 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\TuneUp Software
[2011-06-29 23:48:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Uniblue
[2011-06-14 09:32:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\VS Revo Group
[2009-06-09 20:57:10 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Vso
[2010-08-18 15:00:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\XnView
[2009-10-12 14:17:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\ZipZag
[2012-04-20 07:34:52 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012-04-20 09:32:02 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2012-04-20 09:30:02 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2012-03-28 21:10:33 | 000,028,676 | ---- | M] () -- C:\AutoMapaSetupLog.txt
[2009-04-11 08:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009-10-08 17:05:16 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-10-08 17:05:16 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012-04-20 09:19:01 | 2452,172,800 | -HS- | M] () -- C:\pagefile.sys

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-01-18 23:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-01-18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-01-18 23:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008-03-03 22:37:42 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008-03-03 22:37:42 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008-03-03 22:37:41 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-01-18 21:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-01-18 21:49:12 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-01-18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-01-18 21:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009-04-11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006-11-02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008-01-18 23:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008-01-18 23:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2011-04-12 18:07:38 | 000,198,656 | ---- | M] () MD5=C44D08CA89535F01155375D11D5C30AF -- C:\Users\Gosia\winlogon.exe
< End of report >
[/log]

log z OTL: extras.txt
[log]
OTL Extras logfile created on: 2012-04-20 09:38:06 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Gosia\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 0,64 Gb Available Physical Memory | 32,10% Memory free
4,22 Gb Paging File | 2,76 Gb Available in Paging File | 65,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,87 Gb Total Space | 3,60 Gb Free Space | 4,06% Space Free | Partition Type: NTFS
Drive E: | 59,20 Gb Total Space | 9,55 Gb Free Space | 16,13% Space Free | Partition Type: NTFS

Computer Name: GOSIA-PC | User Name: Gosia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*"

[HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FOTOJOKER Fotoswiat] -- "C:\Program Files\Fotojoker\FOTOJOKER Fotoswiat\FOTOJOKER Fotoswiat.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\WapSter\AQQ\AQQ.exe" = C:\Program Files\WapSter\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- (AQQ Sp. z o.o.)
"C:\Program Files\PPMate\ppmate.exe" = C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate
"C:\Program Files\PPMate\ppamnet.exe" = C:\Program Files\PPMate\ppamnet.exe:*:Enabled:PPMate


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13D23FCA-53B8-444F-8295-3C466BAC12F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email="name=@firewallapi.dll,-28539"]name=@firewallapi.dll,-28539[/email] |
"{2CE24AAE-C77C-46E2-9BE9-C10996775A69}" = rport=1723 | protocol=6 | dir=out | app=system |
"{3F9D0189-3480-4CFF-ADAC-17E107EA0B40}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{41A34225-3A85-43D9-85B0-55A3E0E3D48D}" = lport=138 | protocol=17 | dir=in | app=system |
"{523075BA-4096-4177-B995-D6D2FA83380C}" = lport=445 | protocol=6 | dir=in | app=system |
"{5509144C-3644-4DFC-9658-0AA1C906DDFE}" = lport=139 | protocol=6 | dir=in | app=system |
"{6591A9BE-6429-4A0D-A051-809CC7BC604F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{73C7A2F5-6602-4DD0-BD43-A93FE042A01A}" = lport=1723 | protocol=6 | dir=in | app=system |
"{83961414-B443-4B62-AE2F-17EC67C29520}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D62763D-D0DF-4423-93E8-D07EEF386A58}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A15A0CD5-1A5B-4656-8FD0-CB7B41979538}" = rport=445 | protocol=6 | dir=out | app=system |
"{A59A2414-9393-4CC9-ACF5-7BE22D83E530}" = rport=139 | protocol=6 | dir=out | app=system |
"{B323468F-1752-49C1-8461-9FD1953DB559}" = rport=137 | protocol=17 | dir=out | app=system |
"{BCA38CB7-07FD-43CC-BDD1-449C85A4DFB5}" = rport=1701 | protocol=17 | dir=out | app=system |
"{E663C26A-73C2-436D-86C0-11D94F3D6FF1}" = rport=138 | protocol=17 | dir=out | app=system |
"{EF991DC8-8E8E-44BF-9285-78A2E3698E5D}" = lport=1701 | protocol=17 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FB3BBDC-7A66-4E89-A330-FE25A879F89D}" = protocol=1 | dir=out | [email="name=@firewallapi.dll,-28544"]name=@firewallapi.dll,-28544[/email] |
"{11F91CB0-34F3-46DE-BD19-C00BCE4E4846}" = protocol=58 | dir=out | [email="name=@firewallapi.dll,-28546"]name=@firewallapi.dll,-28546[/email] |
"{21E2D166-887A-450E-A9CF-40DDB0629DAF}" = protocol=17 | dir=in | app=c:\users\gosia\desktop\videoconverter_setup.exe |
"{27693819-FE7F-4C31-83B7-2AF4E9DD5403}" = protocol=6 | dir=in | app=c:\program files\cuterank\cuterank.exe |
"{2A6E5A2F-00A0-4DB8-A8BA-4FC0144A6D61}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{525FB602-2529-4372-9CCE-F2A57964866A}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{771032D5-DADA-47B3-B317-B6C369C9F66C}" = protocol=58 | dir=in | [email="name=@firewallapi.dll,-28545"]name=@firewallapi.dll,-28545[/email] |
"{7B50EE15-0D97-4AC1-ADCA-112ABD3550AF}" = protocol=1 | dir=in | [email="name=@firewallapi.dll,-28543"]name=@firewallapi.dll,-28543[/email] |
"{87EB7DCC-6AF3-4BC3-A1C3-5B9474ECDE0B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA56FC72-88B5-4FAF-B710-AD6B3E7018CE}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{ABCD0646-97CE-4211-AD50-7FE2704AD0F8}" = protocol=17 | dir=in | app=c:\program files\cuterank\cuterank.exe |
"{CEDB63A4-DC4A-4CD9-A8FC-0572F5EB2196}" = protocol=6 | dir=in | app=c:\users\gosia\desktop\videoconverter_setup.exe |
"{E9911258-B96C-4C05-8EE9-AD8D74B3FA67}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{1EADAF55-A582-4B9B-B72E-C57E4C13CAEE}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{20380080-81F7-4290-83BF-19E59636F533}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{2555874A-58FD-4CAC-AE45-A51857B93D85}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{3BB897BA-9601-44B7-B8EF-46CA314FB4CF}E:\gry\cs\hlds.exe" = protocol=6 | dir=in | app=e:\gry\cs\hlds.exe |
"TCP Query User{3CE05880-C97A-4537-AC29-B57650487AFA}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{4011E28A-3ED4-4A54-B36C-3BF675D01806}E:\gry\cs\hl.exe" = protocol=6 | dir=in | app=e:\gry\cs\hl.exe |
"TCP Query User{418BECB2-AD5F-46E0-89C0-EE07761282EB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{5AA57A4B-DE67-432A-89E2-6954D4108FC0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{60CB51FB-3E28-406F-B54E-DF9D0E2F7CF0}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{61997441-0B60-47B3-9B6A-EF1357465092}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{77728166-201D-449B-8F46-474AF892204F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{8DD97830-78A3-47B3-81E7-A55845865EB1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{97E78F37-7028-45D6-BB51-4883006D8E11}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{988687A8-A992-4116-81AC-0165FAD450EC}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{AE42FD0E-B397-476B-8F44-0CD2D2BA05D3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{E3642D3F-4F58-405D-829B-EB1412B2227F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{EA9F3CA5-6362-4CF5-AEC7-D9F040F122B2}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{F48574FC-7D56-49D8-937F-6F4DC659CC57}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F8522DE4-C48E-4D03-B7DD-1453F4FEC867}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{025ADA7F-58DB-453B-95C8-43BAEA141DBA}E:\gry\cs\hl.exe" = protocol=17 | dir=in | app=e:\gry\cs\hl.exe |
"UDP Query User{0930EED6-BBFE-429A-90FD-C456B0759765}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{18E801C7-C520-4B40-90AA-22BA49010B63}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{1BDAFCA2-5F66-446E-BF37-FBD356334EF9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2216CE01-9ED9-4508-A877-5DC6B6ECFAEF}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{3AEC57A4-E5C2-4C7C-9012-B0B93C65AA0E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{745455CD-F418-4017-8AC0-3C241AE4A337}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{7942D365-11E7-45E1-8AF6-8FBD0E9F0563}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{7E9D268C-1F39-4620-8892-03A4F2476488}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9DBA734B-1BA4-4CB8-A1D5-C56BA10A4A4E}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{A650947D-C073-4310-8501-0A5AE9D31239}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{A872E8B8-D8CD-46FB-8846-038766A63331}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{AA4E06F0-9886-4436-9A9F-5A175DD670CC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{AAC82437-A82D-4928-8BE6-9937A091C60A}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{C2863734-67D2-4D52-B72E-34AD2ABF25D9}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{E2781372-AEC3-4F0F-B902-7DDF35E14B47}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{E5C39486-969D-49AB-B466-20384225DD0F}E:\gry\cs\hlds.exe" = protocol=17 | dir=in | app=e:\gry\cs\hlds.exe |
"UDP Query User{ED1663BA-8520-45EA-BBAF-80E60121C702}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{FDDD1FA6-B48D-4AB2-89FD-ABB8E8732274}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007E2169-16E4-4ACF-95BF-2E9FBC49673E}" = Adobe Setup
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05381030-963D-4779-BECA-0D7D49268EDB}" = Płatnik 8.01.001
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1466F426-3D1E-411C-89BE-5F04261123EF}" = Adobe InDesign CS3
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java™ 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan
"{48C10E3C-A04F-4ED0-82AF-609CC5DE0F5D}" = O2Micro Flash Memory Card Reader Driver Installer(x86)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5525F6BD-0627-4F48-9640-B809A834E69C}" = The Panorama Factory V5 m32 Edition
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F0F5F58-0EE4-4DAB-B5C2-C047A250C696}" = Adobe Setup
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85767617-E6B1-499E-8C1B-C92E2AAFF586}" = TuneUp Utilities Language Pack (pl-PL)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"{AC76D478-1033-0000-3478-000000000001}" = Adobe Acrobat Distiller 6.0
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{ACCD5C00-F1E4-11DD-AA93-005056C00008}" = Paragon Partition Manager™ 10.0 Server
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B7A27DE8-1A77-45E3-8CFB-72A50D1C2922}" = Jalbum
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCFB469B-85FF-4CB6-AA75-542BDE267A22}" = Easy Email Sender
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E63F3DF4-18E8-4F46-BBD8-E64FC9C370AD}" = TP-LINK Driver Installation Program
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FDFCE5F3-8962-579F-8398-16310ABED56A}" = Market Samurai
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Adobe_c6130331409d42b2f62a7cc73ec2c87" = Adobe InDesign CS3
"ALLPlayer_is1" = ALLPlayer V4.X
"appcd_2009.PL000.002" = pkt.pl na CD - CD Turystyka 2009
"CCleaner" = CCleaner (remove only)
"CuteRank" = CuteRank 3.5.0
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4
"DMI Browser" = DMI Browse
"doPDF 7 printer_is1" = doPDF 7.1 printer
"DRUKI IPS_is1" = DRUKI IPS
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.0.2
"Easy Email Sender" = Easy Email Sender
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.3
"FOTOJOKER Fotoswiat" = FOTOJOKER Fotoswiat
"Free Monitor for Google_is1" = Free Monitor for Google 2.5
"Gadu-Gadu 10" = Gadu-Gadu 10
"GOM Player" = GOM Player
"Google Updater" = Aktualizator Google
"GSview 4.8" = GSview 4.8
"HDMI" = Intel® Graphics Media Accelerator Driver
"InfoView" = InfoView
"InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"JDownloader" = JDownloader
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"kED_is1" = kED 2.1.4.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.4 (Full)
"lvdrivers_12.0" = Pakiet sterowników: Logitech Webcam Software
"Mahjong Garden Deluxe Free" = Mahjong Garden Deluxe Free
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Mozilla Thunderbird 11.0.1 (x86 pl)" = Mozilla Thunderbird 11.0.1 (x86 pl)
"OEBackupGenie_is1" = Outlook Express Backup Genie v2.0
"Opera 11.62.1347" = Opera 11.62
"PDF Combine_is1" = PDF Combine
"PITy 2008_is1" = PITy 2008 dla Windows kompilacja:1.0.2.10
"PowerISO" = PowerISO
"Program Pit 2007 - rozliczenie roczne podatku dochodowego_is1" = 1.0.0.25
"Quick Search Box" = Okno szybkiego wyszukiwania Google
"RealAlt_is1" = Real Alternative 1.8.4
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"seopowersuite" = SEO SpyGlass
"SkanerOnline" = Skaner on-line mks_vir
"SubEdit-Player_is1" = SubEdit-Player
"SystemRequirementsLab" = System Requirements Lab
"Tetris 5000(v1.10 full version)" = Tetris 5000(v1.10 full version)
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"VATowiec Komplet_is1" = VATowiec 3.61
"VATowiec_is1" = VATowiec 3.36
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"winscp3_is1" = WinSCP 4.3.3
"XnView_is1" = XnView 1.97.6
"ZipZag_is1" = ZipZag 1.80 Archiver

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-18 18:37:53 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-18 18:38:09 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-18 18:38:09 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-18 18:38:09 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-19 03:13:30 | Computer Name = Gosia-PC | Source = Application Hang | ID = 1002
Description = Program iexplore.exe w wersji 9.0.8112.16421 zatrzymał interakcję
z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej
informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania
raportami i rozwiązaniami problemów. Identyfikator procesu: 1168 Godzina rozpoczęcia:
01cd1df987a357f6 Godzina zakończenia: 40

Error - 2012-04-19 08:55:03 | Computer Name = Gosia-PC | Source = Application Hang | ID = 1002
Description = Program Taskmgr.exe w wersji 6.0.6001.18000 zatrzymał interakcję z
systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: e18 Godzina rozpoczęcia: 01cd1e2b77711fae
Godzina
zakończenia: 4217

Error - 2012-04-20 01:20:22 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-20 01:20:23 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-20 01:20:23 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-20 03:29:37 | Computer Name = Gosia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gghub.exe, wersja 11.0.0.0, sygnatura czasowa
0x4f7d023b, moduł powodujący błąd gghub.exe, wersja 11.0.0.0, sygnatura czasowa
0x4f7d023b, kod wyjątku 0xc0000005, przesunięcie błędu 0x00022699, identyfikator
procesu 0xa74, godzina rozpoczęcia aplikacji 0x01cd1ec72d1fe1f4.

[ System Events ]
Error - 2012-04-20 01:13:55 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 01:13:55 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 01:13:55 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 01:13:55 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-04-20 01:21:41 | Computer Name = Gosia-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 2012-04-20 03:19:18 | Computer Name = Gosia-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Xerox Phaser 3117 z nazwą
udostępnionego zasobu Xerox Phaser 3117. Błąd 1722. Inne osoby w sieci nie mogą
korzystać z drukarki.

Error - 2012-04-20 03:20:46 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 03:20:46 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 03:20:46 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 03:20:46 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
[/log]


Log z RSIT: log.txt
[log]
Logfile of random's system information tool 1.09 (written by random/random)
Run by Gosia at 2012-04-20 10:26:11
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 4 GB (4%) free of 91 GB
Total RAM: 2039 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:26:28, on 2012-04-20
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Users\Gosia\winlogon.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\explorer.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Gosia\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Users\Gosia\Desktop\OTL.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Gadu-Gadu 10\gg.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gosia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\calc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Gosia\Desktop\RSIT.exe
C:\Program Files\trend micro\Gosia.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.onet.pl/"]http://www.onet.pl/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/"]http://startsear.ch/[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\ssBarLcher.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - E:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (file missing)
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file)
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: StartSearchToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\ssBarLcher.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gosia\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GG] "C:\Users\Gosia\AppData\Local\GG\Application\gghub.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [winlogon] C:\Users\Gosia\winlogon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: [url="http://asia.msi.com.tw"]http://asia.msi.com.tw[/url]
O15 - Trusted Zone: [url="http://global.msi.com.tw"]http://global.msi.com.tw[/url]
O15 - Trusted Zone: [url="http://www.msi.com.tw"]http://www.msi.com.tw[/url]
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - [url="http://download.eset.com/special/eos/OnlineScanner.cab"]http://download.eset...lineScanner.cab[/url]
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [url="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab"]http://platformdl.ad...Plus/1.6/gp.cab[/url]
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC3D5EA7-EC0A-4BB6-BDE9-F4DDD20D4D7D}: NameServer = 192.168.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ASKService - Adaptec, Inc. - (no file)
O23 - Service: ASKUpgrade - Adaptec, Inc. - (no file)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c99e905af1e7e0) (gupdate1c99e905af1e7e0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro\o2flash.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 11433 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000UA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Gosia\AppData\Roaming\Mozilla\Firefox\Profiles\a8hpptxj.default
prefs.js - "browser.startup.homepage" - "[url="http://www.onet.pl"]www.onet.pl[/url]"
prefs.js - "extensions.enabledItems" - "[email="firebug@software.joehewitt.com:1.6.2"]firebug@software.joehewitt.com:1.6.2[/email], {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.5.3.4, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.7.1, [email="seoquake-plugin-seolinx@seoquake.com:1.0.2"]seoquake-plugin-seolinx@seoquake.com:1.0.2[/email], {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, [email="firesheep@codebutler.com:0.1"]firesheep@codebutler.com:0.1[/email], {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "[url="http://search.babylon.com/?babsrc=adbartrp&AF=15627&q"]http://search.babylo...rtrp&AF=15627[/url]="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer™ LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpjplug.dll
QuickTimePlugin.class
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
avg-secure-search.xml
babylon.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml
C:\Users\Gosia\AppData\Roaming\Mozilla\Firefox\Profiles\a8hpptxj.default\extensions\
[email="firesheep@codebutler.com"]firesheep@codebutler.com[/email]
[email="seoquake-plugin-seolinx@seoquake.com"]seoquake-plugin-seolinx@seoquake.com[/email]
{20a82645-c095-46ed-80e3-08825760534b}
{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
{E9A1DEE0-C623-4439-8932-001E7D17607D}
C:\Users\Gosia\AppData\Roaming\Mozilla\Firefox\Profiles\a8hpptxj.default\searchplugins\
daemon-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - C:\Program Files\vShare.tv plugin\ssBarLcher.dll [2011-06-09 177712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-22 192112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - E:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}]
IEPluginBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98}
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - StartSearchToolBar - C:\Program Files\vShare.tv plugin\ssBarLcher.dll [2011-06-09 177712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-22 192112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe []
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2008-05-30 212992]
"NPSStartup"= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-02-26 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-02-26 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-02-26 150552]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2011-08-19 126976]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-11-09 180224]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-10 39408]
"Google Update"=C:\Users\Gosia\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-26 136176]
"GG"=C:\Users\Gosia\AppData\Local\GG\Application\gghub.exe [2012-04-11 3213408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"ISUSPM Startup"=c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-16 221184]
"winlogon"=C:\Users\Gosia\winlogon.exe [2011-04-12 198656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
C:\Program Files\ALLPlayer\ALLUpdate.exe [2009-06-04 869888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\crrss]
C:\Windows\system32\crrss.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-02-26 210432]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\WapSter\AQQ\AQQ.exe"="C:\Program Files\WapSter\AQQ\AQQ.exe:*:Enabled:P2P AQQ"
"C:\Program Files\PPMate\ppmate.exe"="C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate"
"C:\Program Files\PPMate\ppamnet.exe"="C:\Program Files\PPMate\ppamnet.exe:*:Enabled:PPMate"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.clmp3enc"=C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.vorbis"=vorbis.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
======File associations======
.bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"
.ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "E:\programy\Dreamweaver\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
.scr - config -
======List of files/folders created in the last 1 month======
2012-04-20 10:26:12 ----D---- C:\Program Files\trend micro
2012-04-20 10:26:11 ----D---- C:\rsit
2012-04-16 22:58:25 ----D---- C:\Program Files\ESET
2012-04-16 20:19:14 ----A---- C:\Windows\ntbtlog.txt
2012-04-12 10:12:10 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-12 10:12:10 ----A---- C:\Windows\system32\iertutil.dll
2012-04-12 10:12:09 ----A---- C:\Windows\system32\wininet.dll
2012-04-12 10:12:09 ----A---- C:\Windows\system32\jscript9.dll
2012-04-12 10:12:09 ----A---- C:\Windows\system32\jscript.dll
2012-04-12 10:12:08 ----A---- C:\Windows\system32\url.dll
2012-04-12 10:12:08 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-12 10:12:08 ----A---- C:\Windows\system32\ieui.dll
2012-04-12 10:12:07 ----A---- C:\Windows\system32\urlmon.dll
2012-04-12 10:12:06 ----A---- C:\Windows\system32\ieframe.dll
2012-04-12 10:12:05 ----A---- C:\Windows\system32\mshtml.dll
2012-04-12 10:11:58 ----A---- C:\Windows\system32\wmi.dll
2012-04-12 10:11:58 ----A---- C:\Windows\system32\wintrust.dll
2012-04-12 10:11:58 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-12 10:11:58 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-12 10:11:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-12 10:11:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-03-31 22:55:50 ----D---- C:\Program Files\Deluxe Ski Jump 4
2012-03-30 12:31:20 ----D---- C:\Program Files\Common Files\Skype
2012-03-28 20:27:26 ----A---- C:\AutoMapaSetupLog.txt
2012-03-28 08:18:27 ----D---- C:\ProgramData\GG
2012-03-26 20:02:50 ----HD---- C:\ProgramData\Common Files
======List of files/folders modified in the last 1 month======
2012-04-20 10:26:26 ----D---- C:\Windows\Prefetch
2012-04-20 10:26:17 ----D---- C:\Windows\TEMP
2012-04-20 10:26:12 ----RD---- C:\Program Files
2012-04-20 10:03:23 ----D---- C:\Users\Gosia\AppData\Roaming\Skype
2012-04-20 09:29:34 ----D---- C:\Users\Gosia\AppData\Roaming\GG
2012-04-20 07:24:18 ----SHD---- C:\System Volume Information
2012-04-20 07:20:23 ----SHD---- C:\Windows\Installer
2012-04-19 17:00:36 ----D---- C:\Users\Gosia\AppData\Roaming\Adobe
2012-04-19 16:20:36 ----D---- C:\PILOTUJ_PL
2012-04-19 10:33:43 ----D---- C:\Users\Gosia\AppData\Roaming\CuteRank
2012-04-19 10:14:55 ----D---- C:\Program Files\CuteRank
2012-04-18 23:06:39 ----D---- C:\Program Files\JDownloader
2012-04-18 09:58:08 ----SHD---- C:\Config.Msi
2012-04-17 17:07:25 ----D---- C:\Windows\system32\catroot2
2012-04-17 14:04:05 ----D---- C:\Users\Gosia\AppData\Roaming\FileZilla
2012-04-17 01:25:09 ----D---- C:\Windows\System32
2012-04-17 00:33:59 ----D---- C:\Program Files\VideoConverter
2012-04-17 00:33:53 ----D---- C:\Windows\Tasks
2012-04-16 22:58:28 ----SD---- C:\Windows\Downloaded Program Files
2012-04-16 20:19:14 ----AD---- C:\Windows
2012-04-16 10:55:06 ----D---- C:\Program Files\Common Files\Adobe AIR
2012-04-15 09:50:58 ----A---- C:\Windows\win.ini
2012-04-14 19:37:46 ----D---- C:\Windows\inf
2012-04-14 19:37:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-13 15:45:32 ----D---- C:\Program Files\Opera
2012-04-12 10:40:55 ----D---- C:\Windows\system32\migration
2012-04-12 10:40:54 ----D---- C:\Windows\system32\drivers
2012-04-12 10:40:54 ----D---- C:\Program Files\Internet Explorer
2012-04-12 10:15:07 ----RSD---- C:\Windows\assembly
2012-04-12 10:15:07 ----D---- C:\Windows\Microsoft.NET
2012-04-12 10:12:27 ----D---- C:\Windows\winsxs
2012-04-12 10:12:23 ----D---- C:\Windows\system32\catroot
2012-04-12 10:04:22 ----A---- C:\Windows\system32\mrt.exe
2012-04-12 10:04:11 ----D---- C:\Program Files\Windows Mail
2012-03-30 12:31:22 ----RD---- C:\Program Files\Skype
2012-03-30 12:31:20 ----D---- C:\Program Files\Common Files
2012-03-30 12:31:19 ----D---- C:\ProgramData\Skype
2012-03-29 16:56:32 ----D---- C:\Program Files\Mozilla Thunderbird
2012-03-28 20:47:36 ----D---- C:\FILMY
2012-03-28 08:18:27 ----HD---- C:\ProgramData
2012-03-26 15:02:18 ----D---- C:\Users\Gosia\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
2012-03-26 14:01:33 ----D---- C:\Program Files\UnderCoverXP
2012-03-26 14:00:31 ----D---- C:\Program Files\URUSoft
2012-03-22 16:49:09 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2009-03-24 40560]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2006-11-20 38400]
R0 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2007-03-09 35968]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-04-18 717296]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
R3 AgereSoftModem;Modem programowy Agere Systems; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 HdAudAddService;Sterownik funkcji Microsoft 1.1 UAA dla usługi standardu High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-02-26 4569088]
R3 KMWDFilter;KMWDFilter; \??\C:\Windows\System32\Drivers\KMWDFilter.SYS [2008-03-22 17024]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-04-30 25624]
R3 MGHwCtrl;MGHwCtrl; \??\C:\Windows\system32\drivers\MGHwCtrl.sys [2006-12-22 19456]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-03-16 47360]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288]
R3 StillCam;Sterownik szeregowego cyfrowego aparatu fotograficznego; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
S3 as2ktgea;as2ktgea; C:\Windows\system32\drivers\as2ktgea.sys []
S3 BthEnum;Usługa wyliczania Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Urządzenie Bluetooth (sieć osobista); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
S3 BTHPORT;Sterownik portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Sterownik USB odbiornika radiowego Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 catchme;catchme; C:\Windows\system32\drivers\catchme.sys []
S3 dot4;Sterownik MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-18 131584]
S3 Dot4Print;Sterownik klasy drukowania dla IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-18 16384]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-18 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 lvpopflt;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopflt.sys [2009-05-01 114712]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
S3 LVUVC;Logitech Webcam 250(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2009-05-01 6754712]
S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Urządzenie Bluetooth (Protokół TDI RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2006-11-30 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2006-11-02 53504]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2006-10-28 40960]
S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbaudio;Sterownik audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2008-05-30 208896]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 154136]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\system32\nlssrv32.exe [2009-06-07 61440]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro\o2flash.exe [2007-02-12 65536]
R2 ProtexisLicensing;ProtexisLicensing; C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-01-19 1043784]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c99e905af1e7e0;Google Update Service (gupdate1c99e905af1e7e0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-06 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-02 194032]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;Usuga stanu ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-03 654848]
S3 gupdatem;Usługa Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-06 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-11-14 68096]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-10-18 435016]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
[/log]

log z RSIT: info.txt
[log]
info.txt logfile of random's system information tool 1.09 2012-04-20 10:26:37
======Uninstall list======
-->C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\standard_1.exe
1.0.0.25-->"C:\Program Files\Gofin\Pit2007\unins000.exe"
Adobe Acrobat Distiller 6.0-->MsiExec.exe /I{AC76D478-1033-0000-3478-000000000001}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->C:\Program Files\Common Files\Adobe\Installers\435a6af7459cb02a9c1138113a26e93\Setup.exe
Adobe Dreamweaver CS3-->MsiExec.exe /I{F01D5ED5-D53A-4468-B428-149DC2CB3110}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{2A539CD9-0F75-4875-9A32-E06DD93C4114}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil11f_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->C:\Program Files\Common Files\Adobe\Installers\c6130331409d42b2f62a7cc73ec2c87\Setup.exe
Adobe InDesign CS3-->MsiExec.exe /I{1466F426-3D1E-411C-89BE-5F04261123EF}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader 9.5.1 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A95000000001}
Adobe Setup-->MsiExec.exe /I{007E2169-16E4-4ACF-95BF-2E9FBC49673E}
Adobe Setup-->MsiExec.exe /I{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{7F0F5F58-0EE4-4DAB-B5C2-C047A250C696}
Adobe Setup-->MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Adobe SING CS3-->MsiExec.exe /I{B671CBFD-4109-4D35-9252-3062D3CCB7B2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Aktualizator Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
ALLPlayer V4.X-->"E:\programy\ALLPlayer\unins000.exe"
Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x9
CuteRank 3.5.0-->C:\Program Files\CuteRank\uninst.exe
Deluxe Ski Jump 4-->"C:\Program Files\Deluxe Ski Jump 4\Uninstall\unins000.exe"
DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
DMI Browse-->C:\Windows\IsUninst.exe -f"C:\Program Files\MSI\DMI Browser\Uninst.isu"
doPDF 7.1 printer-->"C:\Program Files\Softland\doPDF 7\unins000.exe"
DRUKI IPS-->"C:\Program Files\IPSPI\FORMUL.IPS\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
DVDFab Platinum 4.1.0.2-->"C:\Program Files\DVDFab Platinum 4\unins000.exe"
Easy Email Sender-->"C:\ProgramData\{58E408B3-8293-456A-BDA8-EEEC3BB2A4D5}\EasyEmailSender.exe" REMOVE=TRUE MODIFY=FALSE
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
FileZilla Client 3.5.3-->C:\Program Files\FileZilla FTP Client\uninstall.exe
FOTOJOKER Fotoswiat-->"C:\Program Files\Fotojoker\FOTOJOKER Fotoswiat\uninstall.exe"
Free Monitor for Google 2.5-->"C:\Program Files\Free Monitor for Google\unins000.exe"
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_F91D44FAA5479127.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
GSview 4.8-->C:\Program Files\Ghostgum\gsview\uninstgs.exe "C:\Program Files\Ghostgum\gsview\uninstal.txt"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
InfoView-->C:\Windows\IsUninst.exe -f"C:\Program Files\MSI\InfoView\Uninst.isu"
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Jalbum-->MsiExec.exe /I{B7A27DE8-1A77-45E3-8CFB-72A50D1C2922}
Java™ 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018F0}
Java™ 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022F0}
Java™ 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
JDownloader-->C:\Program Files\JDownloader\uninstall.exe
Kaspersky Online Scanner-->C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
kED 2.1.4.0-->"C:\Program Files\kED\unins000.exe"
K-Lite Codec Pack 4.3.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Logitech Webcam Software-->MsiExec.exe /I{AC96671C-2001-432C-9826-5266D84EF1DC}
Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALL
Market Samurai-->msiexec /qb /x {FDFCE5F3-8962-579F-8398-16310ABED56A}
Market Samurai-->MsiExec.exe /I{FDFCE5F3-8962-579F-8398-16310ABED56A}
MediaShow-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - plk-->MsiExec.exe /I{9EFDFBA8-9174-3C61-8645-28376C5CA994}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile PLK Language Pack-->MsiExec.exe /X{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218-->MsiExec.exe /X{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Monopoly by Parker Brothers-->D:\Gry\MONOPO~1\UNWISE.EXE /U D:\Gry\MONOPO~1\INSTALL.LOG
Mouse Driver-->C:\Program Files\InstallShield Installation Information\{55BFC356-5A7B-482F-A213-9ACFDDFF6037}\setup.exe -runfromtemp -l0x0409
Mozilla Firefox 11.0 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird 11.0.1 (x86 pl)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Norton Security Scan-->MsiExec.exe /I{48B82226-75E3-4E90-92CC-D30F79EA6380}
O2Micro Flash Memory Card Reader Driver Installer(x86)-->MsiExec.exe /X{48C10E3C-A04F-4ED0-82AF-609CC5DE0F5D}
Okno szybkiego wyszukiwania Google-->"C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBoxSetup.exe" /force /standalone /uninstall
OpenOffice.org 3.3-->MsiExec.exe /I{EB87675F-5281-4767-A54B-31931794C23D}
Opera 11.62-->"C:\Program Files\Opera\Opera.exe" /uninstall
Outlook Express Backup Genie v2.0-->"C:\Program Files\Outlook Express Backup Genie\unins000.exe"
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - plk\setup.exe
Pakiet sterowników: Logitech Webcam Software-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\12.0.1278\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_12.0" /clone_wait /hide_progress
Paragon Partition Manager™ 10.0 Server-->MsiExec.exe /I{ACCD5C00-F1E4-11DD-AA93-005056C00008}
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
PDF Combine-->"E:\programy\PDF Combine\unins000.exe"
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall
PITy 2008 dla Windows kompilacja:1.0.2.10-->"C:\Program Files\PITy\PITy2008NG\unins000.exe"
pkt.pl na CD - CD Turystyka 2009-->D:\PKT\PKTPL\cd turystyka 2009\install.exe uninstall
Płatnik 8.01.001-->C:\Program Files\InstallShield Installation Information\{05381030-963D-4779-BECA-0D7D49268EDB}\setup.exe -runfromtemp -l0x0015 -removeonly
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ClientLP
Power2Go 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerBackup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerDirector Express-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerDVD Copy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
Real Alternative 1.8.4-->"C:\Program Files\Real Alternative\unins000.exe"
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0015 -removeonly
Revo Uninstaller Pro 2.5.7-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Samsung Mobile Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung New PC Studio USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{AF7E85DC-317C-47F5-810E-B82EE093A612}\setup.exe" -runfromtemp -l0x0415 -removeonly
Samsung New PC Studio USB Driver Installer-->MsiExec.exe /I{AF7E85DC-317C-47F5-810E-B82EE093A612}
Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0415 -removeonly
Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
SAMSUNG USB Mobile Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
SEO SpyGlass-->"C:\Program Files\SEO PowerSuite\Uninstall.exe"
Skaner on-line mks_vir-->C:\Windows\system32\SkanerOnlineUninstall.exe
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Sothink SWF Decompiler-->"E:\programy\Sothink SWF Decompiler\unins000.exe"
SubEdit-Player-->"C:\Program Files\SubEdit-Player\unins000.exe"
System Control Manager-->C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
System Requirements Lab for Intel-->MsiExec.exe /I{F7FC9307-374E-4017-8E9D-DE1154780480}
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Tetris 5000(v1.10 full version)-->D:\Gry\Tetris 5000(v1.10 full version)\uninstal.exe
The Panorama Factory V5 m32 Edition-->MsiExec.exe /I{5525F6BD-0627-4F48-9640-B809A834E69C}
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Total Video Converter 3.14 080930-->"C:\Program Files\Total Video Converter\unins000.exe"
TP-LINK Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E63F3DF4-18E8-4F46-BBD8-E64FC9C370AD}\setup.exe" -l0x9 -removeonly
TuneUp Utilities 2012-->C:\Program Files\TuneUp Utilities 2012\TUInstallHelper.exe --Trigger-Uninstall
TuneUp Utilities-->C:\Program Files\TuneUp Utilities 2010\TUInstallHelper.exe --Trigger-Uninstall
Uniblue RegistryBooster-->"C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\standard_1.exe" REMOVE=TRUE MODIFY=FALSE
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VATowiec 3.36-->"C:\BR\unins000.exe"
VATowiec 3.61-->"C:\BR\unins001.exe"
VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinSCP 4.3.3-->"C:\Program Files\WinSCP\unins000.exe"
XnView 1.97.6-->"C:\Program Files\XnView\unins000.exe"
ZipZag 1.80 Archiver-->"C:\Program Files\ZipZag\unins000.exe"
======Security center information======
AS: Windows Defender (disabled)
======System event log======
Computer Name: Gosia-PC
Event Code: 7
Message: W urządzeniu \Device\CdRom0 wystąpił zły blok.
Record Number: 706270
Source Name: cdrom
Time Written: 20111116164711.530581-000
Event Type: Błąd
User:
Computer Name: Gosia-PC
Event Code: 7
Message: W urządzeniu \Device\CdRom0 wystąpił zły blok.
Record Number: 706269
Source Name: cdrom
Time Written: 20111116164711.182581-000
Event Type: Błąd
User:
Computer Name: Gosia-PC
Event Code: 7
Message: W urządzeniu \Device\CdRom0 wystąpił zły blok.
Record Number: 706268
Source Name: cdrom
Time Written: 20111116164710.782581-000
Event Type: Błąd
User:
Computer Name: Gosia-PC
Event Code: 7
Message: W urządzeniu \Device\CdRom0 wystąpił zły blok.
Record Number: 706267
Source Name: cdrom
Time Written: 20111116164710.385581-000
Event Type: Błąd
User:
Computer Name: Gosia-PC
Event Code: 7
Message: W urządzeniu \Device\CdRom0 wystąpił zły blok.
Record Number: 706266
Source Name: cdrom
Time Written: 20111116164709.736581-000
Event Type: Błąd
User:
=====Application event log=====
Computer Name: Gosia-PC
Event Code: 0
Message:
Record Number: 209577
Source Name: gupdate1c99e905af1e7e0
Time Written: 20110527054735.000000-000
Event Type: Informacje
User:
Computer Name: Gosia-PC
Event Code: 1
Message: Klient usług certyfikatów został uruchomiony pomyślnie.
Record Number: 209576
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20110527054725.427060-000
Event Type: Informacje
User: Gosia-PC\Gosia
Computer Name: Gosia-PC
Event Code: 1
Message: Klient usług certyfikatów został uruchomiony pomyślnie.
Record Number: 209575
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20110527054628.373060-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM
Computer Name: Gosia-PC
Event Code: 1003
Message: Usługa Windows Search została uruchomiona.
Record Number: 209574
Source Name: Microsoft-Windows-Search
Time Written: 20110527054547.000000-000
Event Type: Informacje
User:
Computer Name: Gosia-PC
Event Code: 7500
Message:
Record Number: 209573
Source Name: IAANTmon
Time Written: 20110527054534.000000-000
Event Type: Informacje
User:
=====Security event log=====
Computer Name: Gosia-PC
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.
Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: GOSIA-PC$
Domena konta: BOBIK
Identyfikator logowania: 0x3e7
Typ logowania: 5
Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}
Informacje o procesie:
Identyfikator procesu: 0x2c8
Nazwa procesu: C:\Windows\System32\services.exe
Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -
Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0
To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.
Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.
Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).
Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.
Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.
Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 225115
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111011065356.608619-000
Event Type: Sukces inspekcji
User:
Computer Name: Gosia-PC
Event Code: 4648
Message: Podjęto próbę logowania przy użyciu jawnych poświadczeń.
Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: GOSIA-PC$
Domena konta: BOBIK
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}
Konto, którego poświadczenia zostały użyte:
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}
Serwer docelowy:
Nazwa serwera docelowego: localhost
Informacje dodatkowe: localhost
Informacje o procesie:
Identyfikator procesu: 0x2c8
Nazwa procesu: C:\Windows\System32\services.exe
Informacje o sieci:
Adres sieciowy: -
Port: -
To zdarzenie jest generowane, gdy proces podejmie próbę zalogowania się na koncie, określając w sposób jawny poświadczenia konta. To zdarzenie najczęściej występuje w konfiguracjach wsadowych, takich jak zaplanowane zadania, lub podczas używania polecenia RUNAS.
Record Number: 225114
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111011065356.608619-000
Event Type: Sukces inspekcji
User:
Computer Name: Gosia-PC
Event Code: 5038
Message: Funkcja sprawdzania integralności kodu wykryła, że skrót obrazu pliku jest nieprawidłowy. Plik mógł zostać uszkodzony z powodu nieautoryzowanej modyfikacji. Nieprawidłowy skrót może wskazywać potencjalny problem z urządzeniem dyskowym.
Nazwa pliku: \Device\HarddiskVolume2\Windows\System32\FsUsbExDisk.Sys
Record Number: 225113
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111011065023.154819-000
Event Type: Niepowodzenie inspekcji
User:
Computer Name: Gosia-PC
Event Code: 5038
Message: Funkcja sprawdzania integralności kodu wykryła, że skrót obrazu pliku jest nieprawidłowy. Plik mógł zostać uszkodzony z powodu nieautoryzowanej modyfikacji. Nieprawidłowy skrót może wskazywać potencjalny problem z urządzeniem dyskowym.
Nazwa pliku: \Device\HarddiskVolume2\Windows\System32\drivers\MGHwCtrl.sys
Record Number: 225112
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111011065020.721219-000
Event Type: Niepowodzenie inspekcji
User:
Computer Name: Gosia-PC
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.
Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 225111
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111011065017.242419-000
Event Type: Sukces inspekcji
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"configsetroot"=%SystemRoot%\ConfigSetRoot
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
[/log]

Gość
komentarz
komentarz

Uruchom OTL i w oknie [b]Własne opcje skanowania/skrypt[/b] wklej:


[code]:Files
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
C:\Users\Gosia\winlogon.exe

:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe File not found
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-777273053-2809330852-579202895-1000..\Run: [winlogon] C:\Users\Gosia\winlogon.exe ()
O20 - HKU\S-1-5-21-777273053-2809330852-579202895-1000 Winlogon: Shell - ("C:\Users\Gosia\winlogon.exe") - C:\Users\Gosia\winlogon.exe ()
O33 - MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\Shell\open\Command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{cf69978f-8b50-11df-9025-001d924b4316}\Shell - "" = AutoRun
O33 - MountPoints2\{d9bb8940-a130-11df-8a7c-001d924b4316}\Shell - "" = Autorun

:Commands
[emptyflash]
[emptytemp][/code]

Kliknij w [b]Wykonaj skrypt[/b]


2. Pobierz[b] AdwCleaner[/b] i wykonaj nim skan z opcji [b]Search.[/b] Przedstaw raport
http://general-changelog-team.fr/outils/289-adwcleaner

bobstar
komentarz
komentarz

Dzięki za pomoc. najpierw wykonałem skrypt (wylogowało mnie, musiałem dac nowy proces explorer.exe aby wejsc do pulpitu)
zrobiłem skan adwCleaner
[log]
# AdwCleaner v1.602 - Logfile created 04/20/2012 at 11:23:52
# Updated 19/04/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Gosia - GOSIA-PC
# Running from : C:\Users\Gosia\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****
Found : AskService
Found : AskUpgrade
***** [Files / Folders] *****
Folder Found : C:\Users\Gosia\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Program Files\AskBarDis
Folder Found : C:\Program Files\Babylon
File Found : C:\Users\Gosia\AppData\Local\Temp\Uninstall.exe
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
***** [H. Navipromo] *****

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\AppDataLow\AskBarDis
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Key Found : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3041D03E-FD4B-44E0-B742-2D9B88305F98}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/
-\\ Mozilla Firefox v11.0 (pl)
## File : C:\Users\Gosia\AppData\Roaming\Mozilla\Firefox\Profiles\a8hpptxj.default\prefs.js
Found : user_pref("browser.babylon.HPOnNewTab", "1");
Found : user_pref("browser.search.defaulturl", "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browserse[...]
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.snipit.askTbInstalled", true);
Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=adbartrp&AF=15627&q=");
-\\ Google Chrome v18.0.1025.162
## File : C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found : "description": "Babylon tool translates texts from within your Google Chrome in a sin[...]
Found : "128": "babylon48.png",
Found : "48": "babylon48.png"
Found : "name": "Babylon Translator",
Found : "path": "BabylonChromePI.dll",
Found : "name": "Babylon Chrome Plugin",
Found : "path": "C:\\Users\\Gosia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\[...]
Found : "name": "Babylon Chrome Plugin"
-\\ Opera v11.62.1347.0
## File : C:\Users\Gosia\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [5755 octets] - [20/04/2012 11:23:52]
########## EOF - C:\AdwCleaner[R1].txt - [5883 octets] ##########
[/log]

Gość
komentarz
komentarz

[quote]Dzięki za pomoc. najpierw wykonałem skrypt (wylogowało mnie, musiałem dac nowy proces explorer.exe aby wejsc do pulpitu)[/quote]

Po co tak ma być OTL zamyka wszystkie procesy. Usuwanie następuje poza system po restarcie wszystko sie pojawi samo. Nic nie trzeba robić.

Daj nowy skan [b]OTL wg tej instrukcji[/b] http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1

bobstar
komentarz
komentarz

ok, poniżej logi:

[log]
OTL logfile created on: 2012-04-20 13:07:57 - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Gosia\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 0,74 Gb Available Physical Memory | 37,29% Memory free
4,22 Gb Paging File | 2,88 Gb Available in Paging File | 68,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,87 Gb Total Space | 3,38 Gb Free Space | 3,80% Space Free | Partition Type: NTFS
Drive E: | 59,20 Gb Total Space | 9,55 Gb Free Space | 16,13% Space Free | Partition Type: NTFS

Computer Name: GOSIA-PC | User Name: Gosia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-20 12:56:28 | 000,047,712 | ---- | M] (GG Network S.A.) -- C:\Users\Gosia\AppData\Local\GG\Application\ggapp.exe
PRC - [2012-04-20 09:35:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
PRC - [2012-04-16 22:50:11 | 003,086,432 | ---- | M] (GG Network S.A.) -- C:\Users\Gosia\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2012-04-11 08:57:58 | 003,213,408 | ---- | M] (GG Network S.A.) -- C:\Users\Gosia\AppData\Local\GG\Application\gghub.exe
PRC - [2012-03-03 12:05:37 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11f_ActiveX.exe
PRC - [2012-02-24 19:58:24 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011-04-12 18:07:38 | 000,198,656 | ---- | M] () -- C:\Users\Gosia\winlogon.exe
PRC - [2010-01-19 18:29:02 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010-01-19 18:27:18 | 001,043,784 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009-06-07 14:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
PRC - [2009-04-30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2008-06-14 01:02:04 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMCONFIG.exe
PRC - [2008-05-30 01:22:32 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMProcess.exe
PRC - [2008-05-30 01:22:32 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\StartAutorun.exe
PRC - [2008-05-30 01:22:32 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMWDSrv.exe
PRC - [2008-01-29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007-02-12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro\o2flash.exe
PRC - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
PRC - [2006-03-22 12:07:22 | 000,040,960 | ---- | M] () -- C:\Program Files\System Control Manager\edd.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-20 12:56:37 | 001,900,544 | ---- | M] () -- C:\Users\Gosia\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2012-03-28 08:17:34 | 000,135,168 | ---- | M] () -- C:\Users\Gosia\AppData\Local\GG\Application\ggdrive\zlib1.dll
MOD - [2012-03-16 11:31:56 | 008,526,720 | ---- | M] () -- C:\Users\Gosia\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011-04-12 18:07:38 | 000,198,656 | ---- | M] () -- C:\Users\Gosia\winlogon.exe
MOD - [2008-06-16 09:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Mouse Driver\MouseHook.dll
MOD - [2007-03-29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Mouse Driver\keydll.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- -- (IAANTMON) Intel(R)
SRV - File not found [Auto | Stopped] -- -- (ASKUpgrade)
SRV - File not found [Auto | Stopped] -- -- (ASKService)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-11-16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011-10-18 10:16:06 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010-01-19 18:27:18 | 001,043,784 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010-01-19 18:24:12 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009-11-14 15:29:06 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2009-06-07 14:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
SRV - [2009-04-30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-05-30 01:22:32 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-03-03 21:36:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-01-29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-18 23:36:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-18 23:36:16 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-02-12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro\o2flash.exe -- (o2flash)
SRV - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006-03-22 12:07:22 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\System Control Manager\edd.exe -- (NishService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a5p2tvy0)
DRV - [2009-12-30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009-11-09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-10-14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009-05-01 01:03:08 | 006,754,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009-05-01 01:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009-05-01 01:00:00 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009-04-30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-03-31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-24 20:07:38 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009-03-20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009-01-13 09:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-04-18 12:30:29 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008-03-22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2007-03-09 08:01:00 | 000,035,968 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2007-03-05 15:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-12-22 06:21:52 | 000,019,456 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - [2006-11-30 20:55:00 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2006-11-20 18:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006-11-20 09:14:08 | 000,038,400 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2006-11-02 18:41:00 | 000,053,504 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006-11-02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-10-28 01:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006-10-10 20:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006-10-05 17:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2005-08-01 17:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005-01-06 14:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://startsear.ch/"]http://startsear.ch/[/url]
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC[/url]
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]
IE - HKLM\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = [url="http://startsear.ch/?q={searchTerms"]http://startsear.ch/?q={searchTerms[/url]}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.onet.pl/"]http://www.onet.pl/[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [url="http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627"]http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_plPL325"]http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_plPL325[/url]
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = [url="http://startsear.ch/?q={searchTerms"]http://startsear.ch/?q={searchTerms[/url]}
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=32904b96a97447d08753d154d4afaae5-be72f898c1c2c2df576d9b216766416aed369e44&lang=pl&ds=gm011&pr=sa&d=2012-03-26"]http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=32904b96a97447d08753d154d4afaae5-be72f898c1c2c2df576d9b216766416aed369e44&lang=pl&ds=gm011&pr=sa&d=2012-03-26[/url] 20:03:05&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gosia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gosia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 16:49:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-16 21:38:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-11-14 13:55:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012-04-16 21:38:39 | 000,000,000 | ---D | M]

[2010-08-19 15:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Extensions
[2010-08-19 15:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-04-16 22:54:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions
[2010-04-29 09:04:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-04-11 11:48:50 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2008-12-23 12:28:35 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011-01-10 11:12:01 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\firesheep@codebutler.com
[2009-12-04 13:35:13 | 000,000,000 | ---D | M] (SeoQuake Plugin - Seolinx) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\seoquake-plugin-seolinx@seoquake.com
[2012-01-17 01:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-30 12:31:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-03-22 16:49:08 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-10-07 12:19:18 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-26 20:03:00 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010-12-27 10:02:05 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011-10-07 12:19:18 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-10-07 12:19:18 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-10-07 12:19:18 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-10-07 12:19:18 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-10-07 12:19:18 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = [url="http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms"]http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms[/url]}
CHR - default_search_provider: suggest_url = [url="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding"]http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding[/url]}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Babylon Chrome Plugin (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Babylon Translator = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
CHR - Extension: Edit This Cookie = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\0.14.8_0\
CHR - Extension: Skype Click to Call = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: SEO SERP = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoaoaloeipdofknnaapbmdddddioklg\0.14.4_0\
CHR - Extension: Gmail = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\ssBarLcher.dll (StartSearch Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - E:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll File not found
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartSearchToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\ssBarLcher.dll (StartSearch Inc.)
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe File not found
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-777273053-2809330852-579202895-1000..\Run: [GG] C:\Users\Gosia\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-777273053-2809330852-579202895-1000..\Run: [winlogon] C:\Users\Gosia\winlogon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: com.tw ([asia.msi] http in Local intranet)
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: com.tw ([global.msi] http in Local intranet)
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: com.tw ([www.msi] http in Local intranet)
O15 - HKU\S-1-5-21-777273053-2809330852-579202895-1000\..Trusted Domains: google.pl ([www] https in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [url="http://download.eset.com/special/eos/OnlineScanner.cab"]http://download.eset.com/special/eos/OnlineScanner.cab[/url] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [url="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab"]http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab[/url] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC3D5EA7-EC0A-4BB6-BDE9-F4DDD20D4D7D}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDA372CA-4DD5-4BCA-B90E-9B4BE5AFD8FA}: DhcpNameServer = 8.8.8.8 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-777273053-2809330852-579202895-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-777273053-2809330852-579202895-1000 Winlogon: Shell - ("C:\Users\Gosia\winlogon.exe") - C:\Users\Gosia\winlogon.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Gosia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gosia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-03-28 21:10:33 | 000,028,676 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\Shell\AutoRun\command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\Shell\open\Command - "" = WScript.exe .\`.vbs
O33 - MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{cf69978f-8b50-11df-9025-001d924b4316}\Shell - "" = AutoRun
O33 - MountPoints2\{d9bb8940-a130-11df-8a7c-001d924b4316}\Shell - "" = Autorun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-20 11:17:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-20 10:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012-04-20 10:26:11 | 000,000,000 | ---D | C] -- C:\rsit
[2012-04-20 09:35:02 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
[2012-04-16 22:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-12 10:12:11 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-04-12 10:12:09 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-04-12 10:12:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-04-12 10:12:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-04-12 10:12:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-04-12 10:12:07 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-04-12 10:11:36 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012-04-12 10:11:36 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012-03-31 22:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4
[2012-03-31 22:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Deluxe Ski Jump 4
[2012-03-31 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\Gosia\Documents\Deluxe Ski Jump 4
[2012-03-30 12:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-03-30 12:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-03-28 08:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-03-28 08:17:56 | 000,000,000 | --SD | C] -- C:\Users\Gosia\GG dysk
[2012-03-26 20:02:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[1 C:\Users\Gosia\AppData\Local\*.tmp files -> C:\Users\Gosia\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-20 13:14:36 | 007,340,032 | -HS- | M] () -- C:\Users\Gosia\NTUSER.DAT
[2012-04-20 13:12:03 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000UA.job
[2012-04-20 13:02:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-20 12:51:09 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-20 12:51:09 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2012-04-20 12:51:08 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2012-04-20 12:51:06 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-20 12:51:06 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-20 12:51:01 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-20 12:50:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-20 11:50:29 | 000,524,288 | -HS- | M] () -- C:\Users\Gosia\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2012-04-20 11:50:29 | 000,065,536 | -HS- | M] () -- C:\Users\Gosia\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2012-04-20 11:50:03 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-04-20 11:49:36 | 003,473,023 | -H-- | M] () -- C:\Users\Gosia\AppData\Local\IconCache.db
[2012-04-20 11:23:16 | 000,582,891 | ---- | M] () -- C:\Users\Gosia\Desktop\adwcleaner.exe
[2012-04-20 10:25:37 | 000,781,383 | ---- | M] () -- C:\Users\Gosia\Desktop\RSIT.exe
[2012-04-20 09:35:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
[2012-04-19 22:32:33 | 000,116,736 | ---- | M] () -- C:\Users\Gosia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-04-19 20:12:02 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000Core.job
[2012-04-19 13:41:00 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012-04-16 21:38:41 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-04-15 09:50:58 | 000,000,341 | ---- | M] () -- C:\Windows\win.ini
[2012-04-14 19:37:46 | 001,617,034 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-14 19:37:46 | 000,714,674 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-14 19:37:46 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-14 19:37:46 | 000,152,718 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-14 19:37:46 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-03-28 08:51:49 | 000,100,983 | ---- | M] () -- C:\Users\Gosia\Documents\eboa.hyperion.pl_public_4all_faktura.php_id=9705&format=html&r=2012&re=FS.pdf
[2012-03-26 11:08:32 | 000,075,595 | ---- | M] () -- C:\Users\Gosia\Desktop\fakturaAz-tourispace.pdf
[1 C:\Users\Gosia\AppData\Local\*.tmp files -> C:\Users\Gosia\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-20 11:23:16 | 000,582,891 | ---- | C] () -- C:\Users\Gosia\Desktop\adwcleaner.exe
[2012-04-20 10:25:33 | 000,781,383 | ---- | C] () -- C:\Users\Gosia\Desktop\RSIT.exe
[2012-04-18 09:58:08 | 000,001,213 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012-04-16 21:38:41 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-03-28 08:51:49 | 000,100,983 | ---- | C] () -- C:\Users\Gosia\Documents\eboa.hyperion.pl_public_4all_faktura.php_id=9705&format=html&r=2012&re=FS.pdf
[2012-03-26 11:08:32 | 000,075,595 | ---- | C] () -- C:\Users\Gosia\Desktop\fakturaAz-tourispace.pdf
[2011-11-06 22:33:20 | 000,001,958 | ---- | C] () -- C:\Windows\System32\enbseries.ini
[2011-09-25 00:51:40 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-09-25 00:51:40 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-06-23 21:12:33 | 000,884,736 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2011-06-23 21:12:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2011-06-23 21:12:31 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2011-06-23 21:12:30 | 000,491,520 | ---- | C] () -- C:\Windows\System32\mp3lib.dll
[2011-06-23 21:12:29 | 000,204,800 | ---- | C] () -- C:\Windows\System32\libvorbis.dll
[2011-06-23 21:12:29 | 000,147,522 | ---- | C] () -- C:\Windows\System32\language.ini
[2011-06-23 21:12:29 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LameEncShim.dll
[2011-06-23 21:12:28 | 000,688,128 | ---- | C] () -- C:\Windows\System32\ia32math.dll
[2011-06-23 21:12:28 | 000,212,992 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011-06-23 21:12:24 | 000,070,018 | ---- | C] () -- C:\Windows\System32\akrip32.dll
[2011-06-20 22:46:28 | 000,000,600 | ---- | C] () -- C:\Users\Gosia\AppData\Roaming\winscp.rnd
[2010-10-27 10:06:29 | 000,004,096 | -H-- | C] () -- C:\Users\Gosia\AppData\Local\keyfile3.drm
[2010-06-16 17:24:16 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010-06-07 16:46:43 | 000,000,680 | ---- | C] () -- C:\Users\Gosia\AppData\Local\d3d9caps.dat
[2010-05-12 14:30:21 | 003,473,023 | -H-- | C] () -- C:\Users\Gosia\AppData\Local\IconCache.db
[2010-05-12 00:10:00 | 000,093,656 | ---- | C] () -- C:\Users\Gosia\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2009-02-04 00:01:47 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\2K Sports
[2011-03-11 10:57:14 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Azureus
[2008-06-28 12:50:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Blumentals
[2010-07-15 08:25:17 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Bytemobile
[2012-04-19 10:33:43 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\CuteRank
[2008-04-18 12:30:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\DAEMON Tools
[2010-07-15 08:30:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\ERA
[2011-12-12 16:46:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\EurekaLog
[2012-04-17 14:04:05 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\FileZilla
[2011-06-08 13:32:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Free Monitor for Google
[2008-03-03 23:33:34 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Gadu-Gadu
[2010-04-27 14:55:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Gadu-Gadu 10
[2008-04-04 23:25:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GameHouse
[2012-04-20 12:57:58 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GG
[2008-06-21 00:16:39 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GHISLER
[2010-07-10 10:26:08 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\JAlbum
[2008-11-17 23:29:47 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Leadertech
[2012-03-26 15:02:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009-05-30 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\My Games
[2010-06-26 12:09:35 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\OpenFM
[2010-05-21 01:04:55 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\OpenOffice.org
[2010-05-28 14:26:11 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Opera
[2009-09-21 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PC Suite
[2008-03-26 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PeerNetworking
[2009-11-12 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Piechnat Soft
[2008-03-01 18:51:06 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Pogo Games
[2009-06-08 02:37:25 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PPMate
[2010-11-11 23:17:49 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Raptr
[2009-09-21 19:03:19 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Samsung
[2008-08-22 13:38:25 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Silver Style Entertainment
[2010-08-16 14:57:12 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Softland
[2009-03-10 15:31:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\SoftMaker
[2010-06-02 12:46:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Softplicity
[2010-08-19 15:41:30 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Thunderbird
[2011-10-18 10:15:55 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\TuneUp Software
[2011-06-29 23:48:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Uniblue
[2011-06-14 09:32:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\VS Revo Group
[2009-06-09 20:57:10 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Vso
[2010-08-18 15:00:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\XnView
[2009-10-12 14:17:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\ZipZag
[2012-04-20 11:50:09 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012-04-20 12:51:08 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2012-04-20 12:51:09 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

[log]
OTL Extras logfile created on: 2012-04-20 13:07:57 - Run 2
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Gosia\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 0,74 Gb Available Physical Memory | 37,29% Memory free
4,22 Gb Paging File | 2,88 Gb Available in Paging File | 68,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,87 Gb Total Space | 3,38 Gb Free Space | 3,80% Space Free | Partition Type: NTFS
Drive E: | 59,20 Gb Total Space | 9,55 Gb Free Space | 16,13% Space Free | Partition Type: NTFS

Computer Name: GOSIA-PC | User Name: Gosia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*"

[HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FOTOJOKER Fotoswiat] -- "C:\Program Files\Fotojoker\FOTOJOKER Fotoswiat\FOTOJOKER Fotoswiat.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\WapSter\AQQ\AQQ.exe" = C:\Program Files\WapSter\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- (AQQ Sp. z o.o.)
"C:\Program Files\PPMate\ppmate.exe" = C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate
"C:\Program Files\PPMate\ppamnet.exe" = C:\Program Files\PPMate\ppamnet.exe:*:Enabled:PPMate


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13D23FCA-53B8-444F-8295-3C466BAC12F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email="name=@firewallapi.dll,-28539"]name=@firewallapi.dll,-28539[/email] |
"{2CE24AAE-C77C-46E2-9BE9-C10996775A69}" = rport=1723 | protocol=6 | dir=out | app=system |
"{3F9D0189-3480-4CFF-ADAC-17E107EA0B40}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{41A34225-3A85-43D9-85B0-55A3E0E3D48D}" = lport=138 | protocol=17 | dir=in | app=system |
"{523075BA-4096-4177-B995-D6D2FA83380C}" = lport=445 | protocol=6 | dir=in | app=system |
"{5509144C-3644-4DFC-9658-0AA1C906DDFE}" = lport=139 | protocol=6 | dir=in | app=system |
"{6591A9BE-6429-4A0D-A051-809CC7BC604F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{73C7A2F5-6602-4DD0-BD43-A93FE042A01A}" = lport=1723 | protocol=6 | dir=in | app=system |
"{83961414-B443-4B62-AE2F-17EC67C29520}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D62763D-D0DF-4423-93E8-D07EEF386A58}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A15A0CD5-1A5B-4656-8FD0-CB7B41979538}" = rport=445 | protocol=6 | dir=out | app=system |
"{A59A2414-9393-4CC9-ACF5-7BE22D83E530}" = rport=139 | protocol=6 | dir=out | app=system |
"{B323468F-1752-49C1-8461-9FD1953DB559}" = rport=137 | protocol=17 | dir=out | app=system |
"{BCA38CB7-07FD-43CC-BDD1-449C85A4DFB5}" = rport=1701 | protocol=17 | dir=out | app=system |
"{E663C26A-73C2-436D-86C0-11D94F3D6FF1}" = rport=138 | protocol=17 | dir=out | app=system |
"{EF991DC8-8E8E-44BF-9285-78A2E3698E5D}" = lport=1701 | protocol=17 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FB3BBDC-7A66-4E89-A330-FE25A879F89D}" = protocol=1 | dir=out | [email="name=@firewallapi.dll,-28544"]name=@firewallapi.dll,-28544[/email] |
"{11F91CB0-34F3-46DE-BD19-C00BCE4E4846}" = protocol=58 | dir=out | [email="name=@firewallapi.dll,-28546"]name=@firewallapi.dll,-28546[/email] |
"{21E2D166-887A-450E-A9CF-40DDB0629DAF}" = protocol=17 | dir=in | app=c:\users\gosia\desktop\videoconverter_setup.exe |
"{27693819-FE7F-4C31-83B7-2AF4E9DD5403}" = protocol=6 | dir=in | app=c:\program files\cuterank\cuterank.exe |
"{2A6E5A2F-00A0-4DB8-A8BA-4FC0144A6D61}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{525FB602-2529-4372-9CCE-F2A57964866A}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{771032D5-DADA-47B3-B317-B6C369C9F66C}" = protocol=58 | dir=in | [email="name=@firewallapi.dll,-28545"]name=@firewallapi.dll,-28545[/email] |
"{7B50EE15-0D97-4AC1-ADCA-112ABD3550AF}" = protocol=1 | dir=in | [email="name=@firewallapi.dll,-28543"]name=@firewallapi.dll,-28543[/email] |
"{87EB7DCC-6AF3-4BC3-A1C3-5B9474ECDE0B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA56FC72-88B5-4FAF-B710-AD6B3E7018CE}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{ABCD0646-97CE-4211-AD50-7FE2704AD0F8}" = protocol=17 | dir=in | app=c:\program files\cuterank\cuterank.exe |
"{CEDB63A4-DC4A-4CD9-A8FC-0572F5EB2196}" = protocol=6 | dir=in | app=c:\users\gosia\desktop\videoconverter_setup.exe |
"{E9911258-B96C-4C05-8EE9-AD8D74B3FA67}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{1EADAF55-A582-4B9B-B72E-C57E4C13CAEE}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{20380080-81F7-4290-83BF-19E59636F533}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{2555874A-58FD-4CAC-AE45-A51857B93D85}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{3BB897BA-9601-44B7-B8EF-46CA314FB4CF}E:\gry\cs\hlds.exe" = protocol=6 | dir=in | app=e:\gry\cs\hlds.exe |
"TCP Query User{3CE05880-C97A-4537-AC29-B57650487AFA}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{4011E28A-3ED4-4A54-B36C-3BF675D01806}E:\gry\cs\hl.exe" = protocol=6 | dir=in | app=e:\gry\cs\hl.exe |
"TCP Query User{418BECB2-AD5F-46E0-89C0-EE07761282EB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{5AA57A4B-DE67-432A-89E2-6954D4108FC0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{60CB51FB-3E28-406F-B54E-DF9D0E2F7CF0}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{61997441-0B60-47B3-9B6A-EF1357465092}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{77728166-201D-449B-8F46-474AF892204F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{8DD97830-78A3-47B3-81E7-A55845865EB1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{97E78F37-7028-45D6-BB51-4883006D8E11}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{988687A8-A992-4116-81AC-0165FAD450EC}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{AE42FD0E-B397-476B-8F44-0CD2D2BA05D3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{E3642D3F-4F58-405D-829B-EB1412B2227F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{EA9F3CA5-6362-4CF5-AEC7-D9F040F122B2}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{F48574FC-7D56-49D8-937F-6F4DC659CC57}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F8522DE4-C48E-4D03-B7DD-1453F4FEC867}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{025ADA7F-58DB-453B-95C8-43BAEA141DBA}E:\gry\cs\hl.exe" = protocol=17 | dir=in | app=e:\gry\cs\hl.exe |
"UDP Query User{0930EED6-BBFE-429A-90FD-C456B0759765}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{18E801C7-C520-4B40-90AA-22BA49010B63}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{1BDAFCA2-5F66-446E-BF37-FBD356334EF9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2216CE01-9ED9-4508-A877-5DC6B6ECFAEF}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{3AEC57A4-E5C2-4C7C-9012-B0B93C65AA0E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{745455CD-F418-4017-8AC0-3C241AE4A337}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{7942D365-11E7-45E1-8AF6-8FBD0E9F0563}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{7E9D268C-1F39-4620-8892-03A4F2476488}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9DBA734B-1BA4-4CB8-A1D5-C56BA10A4A4E}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{A650947D-C073-4310-8501-0A5AE9D31239}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{A872E8B8-D8CD-46FB-8846-038766A63331}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{AA4E06F0-9886-4436-9A9F-5A175DD670CC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{AAC82437-A82D-4928-8BE6-9937A091C60A}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{C2863734-67D2-4D52-B72E-34AD2ABF25D9}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{E2781372-AEC3-4F0F-B902-7DDF35E14B47}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{E5C39486-969D-49AB-B466-20384225DD0F}E:\gry\cs\hlds.exe" = protocol=17 | dir=in | app=e:\gry\cs\hlds.exe |
"UDP Query User{ED1663BA-8520-45EA-BBAF-80E60121C702}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{FDDD1FA6-B48D-4AB2-89FD-ABB8E8732274}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007E2169-16E4-4ACF-95BF-2E9FBC49673E}" = Adobe Setup
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05381030-963D-4779-BECA-0D7D49268EDB}" = Płatnik 8.01.001
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1466F426-3D1E-411C-89BE-5F04261123EF}" = Adobe InDesign CS3
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan
"{48C10E3C-A04F-4ED0-82AF-609CC5DE0F5D}" = O2Micro Flash Memory Card Reader Driver Installer(x86)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5525F6BD-0627-4F48-9640-B809A834E69C}" = The Panorama Factory V5 m32 Edition
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F0F5F58-0EE4-4DAB-B5C2-C047A250C696}" = Adobe Setup
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85767617-E6B1-499E-8C1B-C92E2AAFF586}" = TuneUp Utilities Language Pack (pl-PL)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"{AC76D478-1033-0000-3478-000000000001}" = Adobe Acrobat Distiller 6.0
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{ACCD5C00-F1E4-11DD-AA93-005056C00008}" = Paragon Partition Manager™ 10.0 Server
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B7A27DE8-1A77-45E3-8CFB-72A50D1C2922}" = Jalbum
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCFB469B-85FF-4CB6-AA75-542BDE267A22}" = Easy Email Sender
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E63F3DF4-18E8-4F46-BBD8-E64FC9C370AD}" = TP-LINK Driver Installation Program
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FDFCE5F3-8962-579F-8398-16310ABED56A}" = Market Samurai
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Adobe_c6130331409d42b2f62a7cc73ec2c87" = Adobe InDesign CS3
"ALLPlayer_is1" = ALLPlayer V4.X
"appcd_2009.PL000.002" = pkt.pl na CD - CD Turystyka 2009
"CCleaner" = CCleaner (remove only)
"CuteRank" = CuteRank 3.5.0
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4
"DMI Browser" = DMI Browse
"doPDF 7 printer_is1" = doPDF 7.1 printer
"DRUKI IPS_is1" = DRUKI IPS
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.0.2
"Easy Email Sender" = Easy Email Sender
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.3
"FOTOJOKER Fotoswiat" = FOTOJOKER Fotoswiat
"Free Monitor for Google_is1" = Free Monitor for Google 2.5
"Gadu-Gadu 10" = Gadu-Gadu 10
"GOM Player" = GOM Player
"Google Updater" = Aktualizator Google
"GSview 4.8" = GSview 4.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InfoView" = InfoView
"InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"JDownloader" = JDownloader
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"kED_is1" = kED 2.1.4.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.4 (Full)
"lvdrivers_12.0" = Pakiet sterowników: Logitech Webcam Software
"Mahjong Garden Deluxe Free" = Mahjong Garden Deluxe Free
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Mozilla Thunderbird 11.0.1 (x86 pl)" = Mozilla Thunderbird 11.0.1 (x86 pl)
"OEBackupGenie_is1" = Outlook Express Backup Genie v2.0
"Opera 11.62.1347" = Opera 11.62
"PDF Combine_is1" = PDF Combine
"PITy 2008_is1" = PITy 2008 dla Windows kompilacja:1.0.2.10
"PowerISO" = PowerISO
"Program Pit 2007 - rozliczenie roczne podatku dochodowego_is1" = 1.0.0.25
"Quick Search Box" = Okno szybkiego wyszukiwania Google
"RealAlt_is1" = Real Alternative 1.8.4
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"seopowersuite" = SEO SpyGlass
"SkanerOnline" = Skaner on-line mks_vir
"SubEdit-Player_is1" = SubEdit-Player
"SystemRequirementsLab" = System Requirements Lab
"Tetris 5000(v1.10 full version)" = Tetris 5000(v1.10 full version)
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"VATowiec Komplet_is1" = VATowiec 3.61
"VATowiec_is1" = VATowiec 3.36
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"winscp3_is1" = WinSCP 4.3.3
"XnView_is1" = XnView 1.97.6
"ZipZag_is1" = ZipZag 1.80 Archiver

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-18 18:37:53 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-18 18:38:09 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-18 18:38:09 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-18 18:38:09 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-19 03:13:30 | Computer Name = Gosia-PC | Source = Application Hang | ID = 1002
Description = Program iexplore.exe w wersji 9.0.8112.16421 zatrzymał interakcję
z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej
informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania
raportami i rozwiązaniami problemów. Identyfikator procesu: 1168 Godzina rozpoczęcia:
01cd1df987a357f6 Godzina zakończenia: 40

Error - 2012-04-19 08:55:03 | Computer Name = Gosia-PC | Source = Application Hang | ID = 1002
Description = Program Taskmgr.exe w wersji 6.0.6001.18000 zatrzymał interakcję z
systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami
i rozwiązaniami problemów. Identyfikator procesu: e18 Godzina rozpoczęcia: 01cd1e2b77711fae
Godzina
zakończenia: 4217

Error - 2012-04-20 01:20:22 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-20 01:20:23 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-20 01:20:23 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-20 03:29:37 | Computer Name = Gosia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gghub.exe, wersja 11.0.0.0, sygnatura czasowa
0x4f7d023b, moduł powodujący błąd gghub.exe, wersja 11.0.0.0, sygnatura czasowa
0x4f7d023b, kod wyjątku 0xc0000005, przesunięcie błędu 0x00022699, identyfikator
procesu 0xa74, godzina rozpoczęcia aplikacji 0x01cd1ec72d1fe1f4.

[ System Events ]
Error - 2012-04-20 03:20:46 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 03:20:46 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 03:20:46 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-04-20 05:17:27 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 2012-04-20 06:52:33 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 06:52:33 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 06:52:33 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-20 06:52:33 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-04-20 06:55:22 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 2012-04-20 06:55:22 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
[/log]

proszę o info co dalej

Gość
komentarz
komentarz

[quote]proszę o info co dalej [/quote]

Powtórz wykonanie skryptu. uruchom OTL w klej skrypt, kliknij w [b]Wykonaj skrypt.[/b] OTL poprosi o zatwierdzenie restartu. Kliknij [b]OK[/b] i czekaj. Po ponownym uruchomieniu systemu, OTL wygeneruje log z usuwania. Zapisz go i dołacz do posta.

bobstar
komentarz
komentarz

oto log
[log]
All processes killed
========== FILES ==========
File\Folder C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job not found.
File\Folder C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job not found.
File\Folder C:\Users\Gosia\winlogon.exe not found.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ deleted successfully.
C:\Program Files\vShare.tv plugin\ssBarLcher.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.
Registry value HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IAAnotif deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KMCONFIG deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\Software\Microsoft\Windows\CurrentVersion\Run\\winlogon deleted successfully.
File C:\Users\Gosia\winlogon.exe not found.
Registry value HKEY_USERS\S-1-5-21-777273053-2809330852-579202895-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:"C:\Users\Gosia\winlogon.exe" deleted successfully.
File C:\Users\Gosia\winlogon.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28256b56-8c5b-11dd-858e-001d924b4316}\ not found.
File WScript.exe .\`.vbs not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28256b56-8c5b-11dd-858e-001d924b4316}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28256b56-8c5b-11dd-858e-001d924b4316}\ not found.
File WScript.exe .\`.vbs not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae2e19fe-7f15-11dd-afab-001d924b4316}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae2e19fe-7f15-11dd-afab-001d924b4316}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae2e19fe-7f15-11dd-afab-001d924b4316}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf69978f-8b50-11df-9025-001d924b4316}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf69978f-8b50-11df-9025-001d924b4316}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9bb8940-a130-11df-8a7c-001d924b4316}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9bb8940-a130-11df-8a7c-001d924b4316}\ not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 41 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Gosia
->Flash cache emptied: 74118 bytes

User: Gosia&Filip

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gosia
->Temp folder emptied: 101568748 bytes
->Temporary Internet Files folder emptied: 388709714 bytes
->Java cache emptied: 8570522 bytes
->FireFox cache emptied: 213590749 bytes
->Google Chrome cache emptied: 204024458 bytes
->Opera cache emptied: 13807317 bytes
->Flash cache emptied: 0 bytes

User: Gosia&Filip

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 27668519 bytes
RecycleBin emptied: 734287100 bytes

Total Files Cleaned = 1 614,00 mb


OTL by OldTimer - Version 3.2.40.0 log created on 04212012_102818
Files\Folders moved on Reboot...
C:\Users\Gosia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WTL33P2X\fastbuttonCACG11F5.htm moved successfully.
C:\Users\Gosia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\WTL33P2X\index[4].htm moved successfully.
C:\Users\Gosia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OWCLBU7B\plusone_gadget[1].htm moved successfully.
C:\Users\Gosia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IFCA8T57\fastbuttonCA152KYF.htm moved successfully.
C:\Users\Gosia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CQNDTB8N\fastbuttonCA09YJYE.htm moved successfully.
C:\Users\Gosia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Gosia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
Registry entries deleted on Reboot...
[/log]

ale i tym razem wylogowało mnie, musiałem zalogować sie do profilu, uruchomić proces explorer.exe i jeszcze raz dałem OTL i skrypt - wtedy zadziałało jak należy

Gość
komentarz
komentarz

Uruchom AdwCleaner i kliknij Delete.

Po usuwaniu zrób nowy skan OTL i przedstaw raport.
Jak zachowuje sie system?

bobstar
komentarz
komentarz

dziękuję! narazie system działa ok. już nie ma czarnego ekranu. ale zrobię to co piszesz i wyślę raport

Gość
komentarz
komentarz

[quote]ale zrobię to co piszesz i wyślę raport [/quote]

dołacz raport ze skanu bo na tym jeszce nie koniec. A musze widzieć jaka jest sytuacja w systemie.

bobstar
komentarz
komentarz

raport AdwCleaner:
[log]
# AdwCleaner v1.602 - Logfile created 04/21/2012 at 20:18:23
# Updated 19/04/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Gosia - GOSIA-PC
# Running from : C:\Users\Gosia\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****
Stopped & Deleted : AskService
Stopped & Deleted : AskUpgrade
***** [Files / Folders] *****
Folder Deleted : C:\Users\Gosia\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Program Files\AskBarDis
Folder Deleted : C:\Program Files\Babylon
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
***** [H. Navipromo] *****

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\AskBarDis
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://startsear.ch/ --> hxxp://www.google.fr
-\\ Mozilla Firefox v11.0 (pl)
## File : C:\Users\Gosia\AppData\Roaming\Mozilla\Firefox\Profiles\a8hpptxj.default\prefs.js
C:\Users\Gosia\AppData\Roaming\Mozilla\Firefox\Profiles\a8hpptxj.default\user.js ... Deleted !
Deleted : user_pref("browser.babylon.HPOnNewTab", "1");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browserse[...]
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.snipit.askTbInstalled", true);
Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=adbartrp&AF=15627&q=");
-\\ Google Chrome v18.0.1025.162
## File : C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted : "description": "Babylon tool translates texts from within your Google Chrome in a sin[...]
Deleted : "128": "babylon48.png",
Deleted : "48": "babylon48.png"
Deleted : "name": "Babylon Translator",
Deleted : "path": "BabylonChromePI.dll",
Deleted : "name": "Babylon Chrome Plugin",
Deleted : "path": "C:\\Users\\Gosia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\[...]
Deleted : "name": "Babylon Chrome Plugin"
-\\ Opera v11.62.1347.0
## File : C:\Users\Gosia\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [5884 octets] - [20/04/2012 11:23:52]
AdwCleaner[S1].txt - [5264 octets] - [21/04/2012 20:18:23]
########## EOF - C:\AdwCleaner[S1].txt - [5392 octets] ##########
[/log]

OTL:
[log]
OTL logfile created on: 2012-04-21 20:23:04 - Run 3
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Gosia\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 41,66% Memory free
4,21 Gb Paging File | 3,08 Gb Available in Paging File | 73,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,87 Gb Total Space | 4,45 Gb Free Space | 5,01% Space Free | Partition Type: NTFS
Drive E: | 59,20 Gb Total Space | 5,77 Gb Free Space | 9,74% Space Free | Partition Type: NTFS

Computer Name: GOSIA-PC | User Name: Gosia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-04-20 12:56:28 | 000,047,712 | ---- | M] (GG Network S.A.) -- C:\Users\Gosia\AppData\Local\GG\Application\ggapp.exe
PRC - [2012-04-20 09:35:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
PRC - [2012-04-16 22:50:11 | 003,086,432 | ---- | M] (GG Network S.A.) -- C:\Users\Gosia\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2012-04-11 08:57:58 | 003,213,408 | ---- | M] (GG Network S.A.) -- C:\Users\Gosia\AppData\Local\GG\Application\gghub.exe
PRC - [2012-03-03 12:05:37 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11f_ActiveX.exe
PRC - [2012-02-24 19:58:24 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010-01-19 18:33:18 | 000,313,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe
PRC - [2010-01-19 18:29:02 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010-01-19 18:27:18 | 001,043,784 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009-11-09 05:17:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009-06-07 14:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe
PRC - [2009-04-30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2008-05-30 01:22:32 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMWDSrv.exe
PRC - [2008-01-29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007-02-12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro\o2flash.exe
PRC - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
PRC - [2006-03-22 12:07:22 | 000,040,960 | ---- | M] () -- C:\Program Files\System Control Manager\edd.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-20 12:56:37 | 001,900,544 | ---- | M] () -- C:\Users\Gosia\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2012-03-28 08:17:34 | 000,135,168 | ---- | M] () -- C:\Users\Gosia\AppData\Local\GG\Application\ggdrive\zlib1.dll
MOD - [2012-03-16 11:31:56 | 008,526,720 | ---- | M] () -- C:\Users\Gosia\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2012-01-08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2007-09-20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006-07-10 12:00:00 | 000,141,312 | ---- | M] () -- C:\Program Files\ZipZag\zipzagcm.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- -- (IAANTMON) Intel(R)
SRV - [2012-02-29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-10-18 10:16:06 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010-01-19 18:27:18 | 001,043,784 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010-01-19 18:24:12 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009-11-14 15:29:06 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2009-06-07 14:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)
SRV - [2009-04-30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009-03-31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008-05-30 01:22:32 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008-03-03 21:36:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-01-29 18:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008-01-18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-18 23:36:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-18 23:36:16 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-02-12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro\o2flash.exe -- (o2flash)
SRV - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing)
SRV - [2006-03-22 12:07:22 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Program Files\System Control Manager\edd.exe -- (NishService)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (amqygqqk)
DRV - [2009-12-30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009-11-09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-10-14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009-05-01 01:03:08 | 006,754,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC)
DRV - [2009-05-01 01:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009-05-01 01:00:00 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009-04-30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-04-11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009-03-31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-03-24 20:07:38 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009-03-20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-03-20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-03-20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009-01-13 09:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-04-18 12:30:29 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008-03-22 11:31:58 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2007-03-09 08:01:00 | 000,035,968 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2007-03-05 15:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-12-22 06:21:52 | 000,019,456 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MGHwCtrl.sys -- (MGHwCtrl)
DRV - [2006-11-30 20:55:00 | 000,113,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2006-11-20 18:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006-11-20 09:14:08 | 000,038,400 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2006-11-02 18:41:00 | 000,053,504 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006-11-02 09:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-10-28 01:29:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006-10-10 20:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006-10-05 17:07:46 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2005-08-01 17:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005-01-06 14:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.fr"]http://www.google.fr[/url]
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC[/url]
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"]http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7[/url]
IE - HKLM\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = [url="http://startsear.ch/?q={searchTerms"]http://startsear.ch/?q={searchTerms[/url]}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [url="http://www.google.com"]http://www.google.com[/url]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.onet.pl/"]http://www.onet.pl/[/url]
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url]
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [url="http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_plPL325"]http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_plPL325[/url]
IE - HKCU\..\SearchScopes\{6BD63EF5-F376-4104-B390-F6E1E3BEDAAC}: "URL" = [url="http://startsear.ch/?q={searchTerms"]http://startsear.ch/?q={searchTerms[/url]}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [url="http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=32904b96a97447d08753d154d4afaae5-be72f898c1c2c2df576d9b216766416aed369e44&lang=pl&ds=gm011&pr=sa&d=2012-03-26"]http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=32904b96a97447d08753d154d4afaae5-be72f898c1c2c2df576d9b216766416aed369e44&lang=pl&ds=gm011&pr=sa&d=2012-03-26[/url] 20:03:05&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gosia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gosia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-22 16:49:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-16 21:38:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-11-14 13:55:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012-04-16 21:38:39 | 000,000,000 | ---D | M]

[2010-08-19 15:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Extensions
[2010-08-19 15:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-04-16 22:54:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions
[2010-04-29 09:04:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-04-11 11:48:50 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2008-12-23 12:28:35 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011-01-10 11:12:01 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\firesheep@codebutler.com
[2009-12-04 13:35:13 | 000,000,000 | ---D | M] (SeoQuake Plugin - Seolinx) -- C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\seoquake-plugin-seolinx@seoquake.com
[2012-01-17 01:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-30 12:31:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-03-22 16:49:08 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-10-07 12:19:18 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-26 20:03:00 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011-10-07 12:19:18 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-10-07 12:19:18 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-10-07 12:19:18 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-10-07 12:19:18 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-10-07 12:19:18 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = [url="http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms"]http://isearch.avg.com/search?cid={13D3E8E6-4BF8-452D-907E-1F206EDB52DF}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms[/url]}
CHR - default_search_provider: suggest_url = [url="http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding"]http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding[/url]}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
CHR - Extension: Edit This Cookie = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\0.14.8_0\
CHR - Extension: Skype Click to Call = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: SEO SERP = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofoaoaloeipdofknnaapbmdddddioklg\0.14.4_0\
CHR - Extension: Gmail = C:\Users\Gosia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - E:\programy\ALLPlayer\Iplex\IplexToALLPlayer.dll File not found
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKCU..\Run: [GG] C:\Users\Gosia\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Local intranet)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Local intranet)
O15 - HKCU\..Trusted Domains: com.tw ([www.msi] http in Local intranet)
O15 - HKCU\..Trusted Domains: google.pl ([www] https in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [url="http://download.eset.com/special/eos/OnlineScanner.cab"]http://download.eset.com/special/eos/OnlineScanner.cab[/url] (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab"]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/url] (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [url="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab"]http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab[/url] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC3D5EA7-EC0A-4BB6-BDE9-F4DDD20D4D7D}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDA372CA-4DD5-4BCA-B90E-9B4BE5AFD8FA}: DhcpNameServer = 8.8.8.8 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Gosia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Gosia\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-03-28 21:10:33 | 000,028,676 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-20 11:17:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-04-20 10:26:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012-04-20 10:26:11 | 000,000,000 | ---D | C] -- C:\rsit
[2012-04-20 09:35:02 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
[2012-04-16 22:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-04-12 10:12:11 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-04-12 10:12:09 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-04-12 10:12:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-04-12 10:12:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-04-12 10:12:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-04-12 10:12:07 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-04-12 10:11:36 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012-04-12 10:11:36 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012-03-31 22:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4
[2012-03-31 22:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Deluxe Ski Jump 4
[2012-03-31 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\Gosia\Documents\Deluxe Ski Jump 4
[2012-03-30 12:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-03-30 12:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012-03-28 08:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2012-03-28 08:17:56 | 000,000,000 | --SD | C] -- C:\Users\Gosia\GG dysk
[2012-03-26 20:02:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[1 C:\Users\Gosia\AppData\Local\*.tmp files -> C:\Users\Gosia\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-21 20:27:16 | 000,116,736 | ---- | M] () -- C:\Users\Gosia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-04-21 20:27:11 | 007,340,032 | -HS- | M] () -- C:\Users\Gosia\NTUSER.DAT
[2012-04-21 20:20:01 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-21 20:19:59 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-21 20:19:59 | 000,003,776 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-21 20:19:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-21 20:19:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-21 20:18:49 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012-04-21 20:18:46 | 000,524,288 | -HS- | M] () -- C:\Users\Gosia\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2012-04-21 20:18:46 | 000,065,536 | -HS- | M] () -- C:\Users\Gosia\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2012-04-21 20:18:44 | 003,473,455 | -H-- | M] () -- C:\Users\Gosia\AppData\Local\IconCache.db
[2012-04-21 20:12:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000UA.job
[2012-04-21 20:12:00 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-777273053-2809330852-579202895-1000Core.job
[2012-04-21 10:02:26 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-20 13:41:01 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012-04-20 11:23:16 | 000,582,891 | ---- | M] () -- C:\Users\Gosia\Desktop\adwcleaner.exe
[2012-04-20 10:25:37 | 000,781,383 | ---- | M] () -- C:\Users\Gosia\Desktop\RSIT.exe
[2012-04-20 09:35:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gosia\Desktop\OTL.exe
[2012-04-16 21:38:41 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-04-15 09:50:58 | 000,000,341 | ---- | M] () -- C:\Windows\win.ini
[2012-04-14 19:37:46 | 001,617,034 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-14 19:37:46 | 000,714,674 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-14 19:37:46 | 000,634,650 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-14 19:37:46 | 000,152,718 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-14 19:37:46 | 000,120,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-03-28 08:51:49 | 000,100,983 | ---- | M] () -- C:\Users\Gosia\Documents\eboa.hyperion.pl_public_4all_faktura.php_id=9705&format=html&r=2012&re=FS.pdf
[2012-03-26 11:08:32 | 000,075,595 | ---- | M] () -- C:\Users\Gosia\Desktop\fakturaAz-tourispace.pdf
[1 C:\Users\Gosia\AppData\Local\*.tmp files -> C:\Users\Gosia\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-20 11:23:16 | 000,582,891 | ---- | C] () -- C:\Users\Gosia\Desktop\adwcleaner.exe
[2012-04-20 10:25:33 | 000,781,383 | ---- | C] () -- C:\Users\Gosia\Desktop\RSIT.exe
[2012-04-18 09:58:08 | 000,001,213 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012-04-16 21:38:41 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-03-28 08:51:49 | 000,100,983 | ---- | C] () -- C:\Users\Gosia\Documents\eboa.hyperion.pl_public_4all_faktura.php_id=9705&format=html&r=2012&re=FS.pdf
[2012-03-26 11:08:32 | 000,075,595 | ---- | C] () -- C:\Users\Gosia\Desktop\fakturaAz-tourispace.pdf
[2011-11-06 22:33:20 | 000,001,958 | ---- | C] () -- C:\Windows\System32\enbseries.ini
[2011-09-25 00:51:40 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-09-25 00:51:40 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-06-23 21:12:33 | 000,884,736 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2011-06-23 21:12:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2011-06-23 21:12:31 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2011-06-23 21:12:30 | 000,491,520 | ---- | C] () -- C:\Windows\System32\mp3lib.dll
[2011-06-23 21:12:29 | 000,204,800 | ---- | C] () -- C:\Windows\System32\libvorbis.dll
[2011-06-23 21:12:29 | 000,147,522 | ---- | C] () -- C:\Windows\System32\language.ini
[2011-06-23 21:12:29 | 000,045,056 | ---- | C] () -- C:\Windows\System32\LameEncShim.dll
[2011-06-23 21:12:28 | 000,688,128 | ---- | C] () -- C:\Windows\System32\ia32math.dll
[2011-06-23 21:12:28 | 000,212,992 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011-06-23 21:12:24 | 000,070,018 | ---- | C] () -- C:\Windows\System32\akrip32.dll
[2011-06-20 22:46:28 | 000,000,600 | ---- | C] () -- C:\Users\Gosia\AppData\Roaming\winscp.rnd
[2010-10-27 10:06:29 | 000,004,096 | -H-- | C] () -- C:\Users\Gosia\AppData\Local\keyfile3.drm
[2010-06-16 17:24:16 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010-06-07 16:46:43 | 000,000,680 | ---- | C] () -- C:\Users\Gosia\AppData\Local\d3d9caps.dat
[2010-05-12 14:30:21 | 003,473,455 | -H-- | C] () -- C:\Users\Gosia\AppData\Local\IconCache.db
[2010-05-12 00:10:00 | 000,093,656 | ---- | C] () -- C:\Users\Gosia\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2009-02-04 00:01:47 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\2K Sports
[2011-03-11 10:57:14 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Azureus
[2008-06-28 12:50:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Blumentals
[2010-07-15 08:25:17 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Bytemobile
[2012-04-20 23:43:19 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\CuteRank
[2008-04-18 12:30:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\DAEMON Tools
[2010-07-15 08:30:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\ERA
[2011-12-12 16:46:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\EurekaLog
[2012-04-17 14:04:05 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\FileZilla
[2011-06-08 13:32:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Free Monitor for Google
[2008-03-03 23:33:34 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Gadu-Gadu
[2010-04-27 14:55:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Gadu-Gadu 10
[2008-04-04 23:25:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GameHouse
[2012-04-21 20:21:55 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GG
[2008-06-21 00:16:39 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\GHISLER
[2010-07-10 10:26:08 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\JAlbum
[2008-11-17 23:29:47 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Leadertech
[2012-03-26 15:02:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2009-05-30 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\My Games
[2010-06-26 12:09:35 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\OpenFM
[2010-05-21 01:04:55 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\OpenOffice.org
[2010-05-28 14:26:11 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Opera
[2009-09-21 19:17:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PC Suite
[2008-03-26 21:01:46 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PeerNetworking
[2009-11-12 12:24:28 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Piechnat Soft
[2008-03-01 18:51:06 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Pogo Games
[2009-06-08 02:37:25 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\PPMate
[2010-11-11 23:17:49 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Raptr
[2009-09-21 19:03:19 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Samsung
[2008-08-22 13:38:25 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Silver Style Entertainment
[2010-08-16 14:57:12 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Softland
[2009-03-10 15:31:09 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\SoftMaker
[2010-06-02 12:46:29 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Softplicity
[2010-08-19 15:41:30 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Thunderbird
[2011-10-18 10:15:55 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\TuneUp Software
[2011-06-29 23:48:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Uniblue
[2011-06-14 09:32:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\VS Revo Group
[2009-06-09 20:57:10 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\Vso
[2010-08-18 15:00:38 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\XnView
[2009-10-12 14:17:18 | 000,000,000 | ---D | M] -- C:\Users\Gosia\AppData\Roaming\ZipZag
[2012-04-21 20:18:52 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/log]

[log]
OTL Extras logfile created on: 2012-04-21 20:23:04 - Run 3
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Gosia\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,99 Gb Total Physical Memory | 0,83 Gb Available Physical Memory | 41,66% Memory free
4,21 Gb Paging File | 3,08 Gb Available in Paging File | 73,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 88,87 Gb Total Space | 4,45 Gb Free Space | 5,01% Space Free | Partition Type: NTFS
Drive E: | 59,20 Gb Total Space | 5,77 Gb Free Space | 9,74% Space Free | Partition Type: NTFS

Computer Name: GOSIA-PC | User Name: Gosia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- Reg Error: Key error.
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FOTOJOKER Fotoswiat] -- "C:\Program Files\Fotojoker\FOTOJOKER Fotoswiat\FOTOJOKER Fotoswiat.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\WapSter\AQQ\AQQ.exe" = C:\Program Files\WapSter\AQQ\AQQ.exe:*:Enabled:P2P AQQ -- (AQQ Sp. z o.o.)
"C:\Program Files\PPMate\ppmate.exe" = C:\Program Files\PPMate\ppmate.exe:*:Enabled:PPMate
"C:\Program Files\PPMate\ppamnet.exe" = C:\Program Files\PPMate\ppamnet.exe:*:Enabled:PPMate


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13D23FCA-53B8-444F-8295-3C466BAC12F3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email="name=@firewallapi.dll,-28539"]name=@firewallapi.dll,-28539[/email] |
"{2CE24AAE-C77C-46E2-9BE9-C10996775A69}" = rport=1723 | protocol=6 | dir=out | app=system |
"{3F9D0189-3480-4CFF-ADAC-17E107EA0B40}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{41A34225-3A85-43D9-85B0-55A3E0E3D48D}" = lport=138 | protocol=17 | dir=in | app=system |
"{523075BA-4096-4177-B995-D6D2FA83380C}" = lport=445 | protocol=6 | dir=in | app=system |
"{5509144C-3644-4DFC-9658-0AA1C906DDFE}" = lport=139 | protocol=6 | dir=in | app=system |
"{6591A9BE-6429-4A0D-A051-809CC7BC604F}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{73C7A2F5-6602-4DD0-BD43-A93FE042A01A}" = lport=1723 | protocol=6 | dir=in | app=system |
"{83961414-B443-4B62-AE2F-17EC67C29520}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D62763D-D0DF-4423-93E8-D07EEF386A58}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A15A0CD5-1A5B-4656-8FD0-CB7B41979538}" = rport=445 | protocol=6 | dir=out | app=system |
"{A59A2414-9393-4CC9-ACF5-7BE22D83E530}" = rport=139 | protocol=6 | dir=out | app=system |
"{B323468F-1752-49C1-8461-9FD1953DB559}" = rport=137 | protocol=17 | dir=out | app=system |
"{BCA38CB7-07FD-43CC-BDD1-449C85A4DFB5}" = rport=1701 | protocol=17 | dir=out | app=system |
"{E663C26A-73C2-436D-86C0-11D94F3D6FF1}" = rport=138 | protocol=17 | dir=out | app=system |
"{EF991DC8-8E8E-44BF-9285-78A2E3698E5D}" = lport=1701 | protocol=17 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FB3BBDC-7A66-4E89-A330-FE25A879F89D}" = protocol=1 | dir=out | [email="name=@firewallapi.dll,-28544"]name=@firewallapi.dll,-28544[/email] |
"{11F91CB0-34F3-46DE-BD19-C00BCE4E4846}" = protocol=58 | dir=out | [email="name=@firewallapi.dll,-28546"]name=@firewallapi.dll,-28546[/email] |
"{21E2D166-887A-450E-A9CF-40DDB0629DAF}" = protocol=17 | dir=in | app=c:\users\gosia\desktop\videoconverter_setup.exe |
"{27693819-FE7F-4C31-83B7-2AF4E9DD5403}" = protocol=6 | dir=in | app=c:\program files\cuterank\cuterank.exe |
"{2A6E5A2F-00A0-4DB8-A8BA-4FC0144A6D61}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{525FB602-2529-4372-9CCE-F2A57964866A}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{771032D5-DADA-47B3-B317-B6C369C9F66C}" = protocol=58 | dir=in | [email="name=@firewallapi.dll,-28545"]name=@firewallapi.dll,-28545[/email] |
"{7B50EE15-0D97-4AC1-ADCA-112ABD3550AF}" = protocol=1 | dir=in | [email="name=@firewallapi.dll,-28543"]name=@firewallapi.dll,-28543[/email] |
"{87EB7DCC-6AF3-4BC3-A1C3-5B9474ECDE0B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA56FC72-88B5-4FAF-B710-AD6B3E7018CE}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{ABCD0646-97CE-4211-AD50-7FE2704AD0F8}" = protocol=17 | dir=in | app=c:\program files\cuterank\cuterank.exe |
"{CEDB63A4-DC4A-4CD9-A8FC-0572F5EB2196}" = protocol=6 | dir=in | app=c:\users\gosia\desktop\videoconverter_setup.exe |
"{E9911258-B96C-4C05-8EE9-AD8D74B3FA67}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{1EADAF55-A582-4B9B-B72E-C57E4C13CAEE}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{20380080-81F7-4290-83BF-19E59636F533}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{2555874A-58FD-4CAC-AE45-A51857B93D85}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{3BB897BA-9601-44B7-B8EF-46CA314FB4CF}E:\gry\cs\hlds.exe" = protocol=6 | dir=in | app=e:\gry\cs\hlds.exe |
"TCP Query User{3CE05880-C97A-4537-AC29-B57650487AFA}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{4011E28A-3ED4-4A54-B36C-3BF675D01806}E:\gry\cs\hl.exe" = protocol=6 | dir=in | app=e:\gry\cs\hl.exe |
"TCP Query User{418BECB2-AD5F-46E0-89C0-EE07761282EB}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{5AA57A4B-DE67-432A-89E2-6954D4108FC0}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{60CB51FB-3E28-406F-B54E-DF9D0E2F7CF0}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{61997441-0B60-47B3-9B6A-EF1357465092}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{77728166-201D-449B-8F46-474AF892204F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{8DD97830-78A3-47B3-81E7-A55845865EB1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{97E78F37-7028-45D6-BB51-4883006D8E11}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{988687A8-A992-4116-81AC-0165FAD450EC}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{AE42FD0E-B397-476B-8F44-0CD2D2BA05D3}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{E3642D3F-4F58-405D-829B-EB1412B2227F}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{EA9F3CA5-6362-4CF5-AEC7-D9F040F122B2}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{F48574FC-7D56-49D8-937F-6F4DC659CC57}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{F8522DE4-C48E-4D03-B7DD-1453F4FEC867}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{025ADA7F-58DB-453B-95C8-43BAEA141DBA}E:\gry\cs\hl.exe" = protocol=17 | dir=in | app=e:\gry\cs\hl.exe |
"UDP Query User{0930EED6-BBFE-429A-90FD-C456B0759765}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{18E801C7-C520-4B40-90AA-22BA49010B63}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{1BDAFCA2-5F66-446E-BF37-FBD356334EF9}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{2216CE01-9ED9-4508-A877-5DC6B6ECFAEF}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{3AEC57A4-E5C2-4C7C-9012-B0B93C65AA0E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{745455CD-F418-4017-8AC0-3C241AE4A337}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{7942D365-11E7-45E1-8AF6-8FBD0E9F0563}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{7E9D268C-1F39-4620-8892-03A4F2476488}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9DBA734B-1BA4-4CB8-A1D5-C56BA10A4A4E}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{A650947D-C073-4310-8501-0A5AE9D31239}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{A872E8B8-D8CD-46FB-8846-038766A63331}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{AA4E06F0-9886-4436-9A9F-5A175DD670CC}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{AAC82437-A82D-4928-8BE6-9937A091C60A}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{C2863734-67D2-4D52-B72E-34AD2ABF25D9}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{E2781372-AEC3-4F0F-B902-7DDF35E14B47}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{E5C39486-969D-49AB-B466-20384225DD0F}E:\gry\cs\hlds.exe" = protocol=17 | dir=in | app=e:\gry\cs\hlds.exe |
"UDP Query User{ED1663BA-8520-45EA-BBAF-80E60121C702}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{FDDD1FA6-B48D-4AB2-89FD-ABB8E8732274}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007E2169-16E4-4ACF-95BF-2E9FBC49673E}" = Adobe Setup
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05381030-963D-4779-BECA-0D7D49268EDB}" = Płatnik 8.01.001
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10
"{1466F426-3D1E-411C-89BE-5F04261123EF}" = Adobe InDesign CS3
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{48B82226-75E3-4E90-92CC-D30F79EA6380}" = Norton Security Scan
"{48C10E3C-A04F-4ED0-82AF-609CC5DE0F5D}" = O2Micro Flash Memory Card Reader Driver Installer(x86)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5525F6BD-0627-4F48-9640-B809A834E69C}" = The Panorama Factory V5 m32 Edition
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F0F5F58-0EE4-4DAB-B5C2-C047A250C696}" = Adobe Setup
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85767617-E6B1-499E-8C1B-C92E2AAFF586}" = TuneUp Utilities Language Pack (pl-PL)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"{AC76D478-1033-0000-3478-000000000001}" = Adobe Acrobat Distiller 6.0
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{ACCD5C00-F1E4-11DD-AA93-005056C00008}" = Paragon Partition Manager™ 10.0 Server
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B7A27DE8-1A77-45E3-8CFB-72A50D1C2922}" = Jalbum
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCFB469B-85FF-4CB6-AA75-542BDE267A22}" = Easy Email Sender
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E63F3DF4-18E8-4F46-BBD8-E64FC9C370AD}" = TP-LINK Driver Installation Program
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB87675F-5281-4767-A54B-31931794C23D}" = OpenOffice.org 3.3
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{FDFCE5F3-8962-579F-8398-16310ABED56A}" = Market Samurai
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Adobe_c6130331409d42b2f62a7cc73ec2c87" = Adobe InDesign CS3
"ALLPlayer_is1" = ALLPlayer V4.X
"appcd_2009.PL000.002" = pkt.pl na CD - CD Turystyka 2009
"CCleaner" = CCleaner (remove only)
"CuteRank" = CuteRank 3.5.0
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4
"DMI Browser" = DMI Browse
"doPDF 7 printer_is1" = doPDF 7.1 printer
"DRUKI IPS_is1" = DRUKI IPS
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.0.2
"Easy Email Sender" = Easy Email Sender
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.3
"FOTOJOKER Fotoswiat" = FOTOJOKER Fotoswiat
"Free Monitor for Google_is1" = Free Monitor for Google 2.5
"Gadu-Gadu 10" = Gadu-Gadu 10
"GOM Player" = GOM Player
"Google Updater" = Aktualizator Google
"GSview 4.8" = GSview 4.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InfoView" = InfoView
"InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"JDownloader" = JDownloader
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"kED_is1" = kED 2.1.4.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.4 (Full)
"lvdrivers_12.0" = Pakiet sterowników: Logitech Webcam Software
"Mahjong Garden Deluxe Free" = Mahjong Garden Deluxe Free
"MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1" = Market Samurai
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"Mozilla Thunderbird 11.0.1 (x86 pl)" = Mozilla Thunderbird 11.0.1 (x86 pl)
"OEBackupGenie_is1" = Outlook Express Backup Genie v2.0
"Opera 11.62.1347" = Opera 11.62
"PDF Combine_is1" = PDF Combine
"PITy 2008_is1" = PITy 2008 dla Windows kompilacja:1.0.2.10
"PowerISO" = PowerISO
"Program Pit 2007 - rozliczenie roczne podatku dochodowego_is1" = 1.0.0.25
"Quick Search Box" = Okno szybkiego wyszukiwania Google
"RealAlt_is1" = Real Alternative 1.8.4
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"seopowersuite" = SEO SpyGlass
"SkanerOnline" = Skaner on-line mks_vir
"SubEdit-Player_is1" = SubEdit-Player
"SystemRequirementsLab" = System Requirements Lab
"Tetris 5000(v1.10 full version)" = Tetris 5000(v1.10 full version)
"Total Video Converter 3.14_is1" = Total Video Converter 3.14 080930
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"VATowiec Komplet_is1" = VATowiec 3.61
"VATowiec_is1" = VATowiec 3.36
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"winscp3_is1" = WinSCP 4.3.3
"XnView_is1" = XnView 1.97.6
"ZipZag_is1" = ZipZag 1.80 Archiver

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-04-20 01:20:23 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-20 01:20:23 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-20 03:29:37 | Computer Name = Gosia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd gghub.exe, wersja 11.0.0.0, sygnatura czasowa
0x4f7d023b, moduł powodujący błąd gghub.exe, wersja 11.0.0.0, sygnatura czasowa
0x4f7d023b, kod wyjątku 0xc0000005, przesunięcie błędu 0x00022699, identyfikator
procesu 0xa74, godzina rozpoczęcia aplikacji 0x01cd1ec72d1fe1f4.

Error - 2012-04-20 14:01:04 | Computer Name = Gosia-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd GOM.exe, wersja 2.1.39.5101, sygnatura czasowa
0x4f6030c7, moduł powodujący błąd libavcodec.dll, wersja 0.0.0.0, sygnatura czasowa
0x4e1a9077, kod wyjątku 0xc0000005, przesunięcie błędu 0x0014f180, identyfikator
procesu 0x1610, godzina rozpoczęcia aplikacji 0x01cd1f1f83c8d179.

Error - 2012-04-21 02:01:29 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-21 02:01:29 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-21 02:01:30 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 2012-04-21 02:01:55 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-21 02:01:55 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 2012-04-21 02:01:55 | Computer Name = Gosia-PC | Source = MsiInstaller | ID = 1023
Description =

[ System Events ]
Error - 2012-04-21 04:38:18 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-21 04:38:18 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-21 04:38:18 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-04-21 14:08:00 | Computer Name = Gosia-PC | Source = Print | ID = 19
Description = Bufor wydruku nie może udostępnić drukarki Xerox Phaser 3117 z nazwą
udostępnionego zasobu Xerox Phaser 3117. Błąd 2114. Inne osoby w sieci nie mogą
korzystać z drukarki.

Error - 2012-04-21 14:09:00 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-21 14:09:00 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-21 14:09:00 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-21 14:09:00 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2012-04-21 14:20:36 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2012-04-21 14:20:36 | Computer Name = Gosia-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
[/log]

Gość
komentarz
komentarz

Została drobna kosmetyka. Uruchom OTL i w oknie [b]własne opcje skanowania skrypt[/b] wklej

[code]:Files
C:\Users\Gosia\AppData\Roaming\mozilla\Firefox\Profiles\a8hpptxj.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
:OTL
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found

:Commands
[emptytemp][/code]

Kliknij w [b]Wykonaj skrypt[/b].


Po usuwaniu uruchom Adwcleaner i kliknij [b]Delete[/b].

Uruchom OTL i klknij opcję [b]Sprzatanie[/b]. To usunie program i kwarantannę.

Wyczyść foldery [b]Przywracania systemu - instrukcja [/b]http://www.fixitpc.pl/topic/8-dezynfekcja-zbior-narzedzi-usuwajacych/

To wszystko.

bobstar
komentarz
komentarz

zrobione
bardzo dziękuję za skuteczną pomoc

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.