BarneyStinson utworzono 17 maja 2012 utworzono 17 maja 2012 Wystąpiło to przy normalnym użytkowaniu. Przykładowo gdy chcę zmienić rozdzielczość ekranu(PPM na pulpicie i "'Rozdzielczość ekranu) [img]http://img339.imageshack.us/img339/8739/18397428.png[/img] Jest jeszcze tego dużo ale mi się nie chciało robić SS. Występuje to prawie wszędzie. I co za tym idzie nic nie mogę zrobić... Proszę o pomoc
djmakus komentarz 17 maja 2012 komentarz 17 maja 2012 zapoznaj sie z działem Bezpieczeństwo i zrób logi OTL http://www.forumpc.pl/index.php?showforum=11 jak coś będzie to przeniesiemy tam temat
BarneyStinson komentarz 17 maja 2012 Autor komentarz 17 maja 2012 (edytowane) Już dodaję. Proszę zwracać się do mnie prostym językiem, bo orłem w dziedzinie informatyki to ja nie jestem [log]OTL logfile created on: 2012-05-17 19:43:33 - Run 1 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Mateusz\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 57,03% Memory free 4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,65% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 121,00 Gb Total Space | 78,63 Gb Free Space | 64,99% Space Free | Partition Type: NTFS Drive D: | 251,51 Gb Total Space | 93,80 Gb Free Space | 37,29% Space Free | Partition Type: NTFS Computer Name: MAKS | User Name: Maks | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-17 19:32:53 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe PRC - [2012-04-23 20:48:00 | 000,983,904 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe PRC - [2012-04-23 20:38:30 | 000,785,304 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe PRC - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-11-16 16:44:31 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2011-06-06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2007-06-01 10:21:30 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-06-01 10:21:08 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-04-25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtgui4.dll MOD - [2011-04-25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtsql4.dll MOD - [2011-04-25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtscript4.dll MOD - [2011-04-25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtnetwork4.dll MOD - [2011-04-25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtcore4.dll MOD - [2011-04-25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtdeclarative4.dll MOD - [2011-04-20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-22 12:14:30 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV:[b]64bit:[/b] - [2010-07-13 16:08:42 | 000,177,664 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffWeb) SRV:[b]64bit:[/b] - [2010-07-13 16:08:42 | 000,177,664 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffScheduler) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-04-23 20:38:30 | 000,785,304 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2012-03-14 16:07:20 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-02-28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-01-31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-06-06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost) SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-10 22:30:45 | 000,856,384 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-03-22 12:14:28 | 000,163,480 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV:[b]64bit:[/b] - [2011-12-16 20:22:01 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2011-03-10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2011-03-04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:[b]64bit:[/b] - [2011-03-04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:[b]64bit:[/b] - [2010-11-02 18:30:48 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-11-02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [url="http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4"]http://start.facemoo...earchTerms}&f=4[/url] IE - HKLM\..\URLSearchHook: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2031308"]http://search.condui...&ctid=CT2031308[/url] IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = [url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7"]http://slirsredirect...e=tb50winampie7[/url] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://start.facemoods.com/?a=ddr"]http://start.facemoods.com/?a=ddr[/url] IE - HKCU\..\URLSearchHook: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No CLSID value found IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {A545A511-F7AE-4315-B57C-D9AA3E9B5742} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"]http://www.bing.com/...Box&FORM=IE8SRC[/url] IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = [url="http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4"]http://start.facemoo...earchTerms}&f=4[/url] IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = [url="http://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=2ca75092000000000000001ee5a92c41"]http://search.babylo...000001ee5a92c41[/url] IE - HKCU\..\SearchScopes\{A545A511-F7AE-4315-B57C-D9AA3E9B5742}: "URL" = [url="http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811_yserp&p={searchTerms}"]http://search.yahoo....p={searchTerms}[/url] IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = [url="http://www.daemon-search.com/search/web?q={searchTerms}"]http://www.daemon-se...q={searchTerms}[/url] IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [url="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2031308"]http://search.condui...&ctid=CT2031308[/url] IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = [url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7"]http://slirsredirect...e=tb50winampie7[/url] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web" FF - prefs.js..browser.search.order.1: "Search the web" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811_yserp" FF - prefs.js..browser.search.selectedEngine: "Search the web" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100482&babsrc=HP_ss&mntrId=2ca75092000000000000001ee5a92c41" FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - user.js..browser.search.selectedEngine: "Search the web" FF - user.js..browser.search.order.1: "Search the web" FF - user.js..browser.search.defaultenginename: "Search the web" FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-16 16:44:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012-05-17 14:43:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-05-17 14:43:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-01-06 18:24:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-10-20 21:48:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-05-05 01:14:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1s4t2mqf.default\extensions [2012-01-06 16:39:37 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1s4t2mqf.default\extensions\ffxtlbr@Facemoods.com [2012-03-31 18:55:21 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1s4t2mqf.default\extensions\info@bflix.info [2012-03-03 18:03:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-02-08 00:29:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-03-02 17:55:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-05-05 01:14:05 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM [2012-05-05 01:14:06 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES (X86)\YOUTUBE DOWNLOADER TOOLBAR\FF [2011-11-16 16:44:47 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011-12-21 10:04:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-12-21 07:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-01-06 16:31:32 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2011-12-21 07:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml [2011-12-21 07:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-21 07:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-06 17:07:25 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src [2011-12-21 07:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-21 07:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Angry Birds = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: Kaspersky URL Advisor = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\ CHR - Extension: Kaspersky URL Advisor = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ CHR - Extension: Gears of War 3 Marcus Theme (1280 x 1024) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopmcmgofkgjegfnegcnempkikpkdccb\1_0\ CHR - Extension: Stylish = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\ CHR - Extension: Troll Emoticons = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\4.6.7_0\ CHR - Extension: Klawiatura wirtualna = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_1\ CHR - Extension: Klawiatura wirtualna = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: JDownloader Integration for Google Chrome\u2122 = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm\1.2.3_0\ CHR - Extension: Skype Click to Call = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\ CHR - Extension: DropinSavings = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\1.0_0\ CHR - Extension: Blokowanie banerw = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll () O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (TheBflix Class) - {9C7CBDB6-D5FD-4997-A8B5-88B049217530} - C:\ProgramData\TheBflix\bhoclass.dll (Injector) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (DigitalPowered Toolbar) - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (DigitalPowered Toolbar) - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DigitalPowered Toolbar) - {B317125E-2F10-4388-BF1F-2C31C6CD89ED} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe File not found O4 - HKCU..\Run: [RMF FM Miasto Muzyki] File not found O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe () O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:[b]64bit:[/b] - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O9:[b]64bit:[/b] - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{284B3648-4F08-4C03-814C-1F1BCC36BCD0}: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CD78FE1-9C5F-4AAD-8DB4-2BA2B0050327}: DhcpNameServer = 79.163.127.70 217.116.100.65 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36D03242-C688-47A6-813F-295F8E0709B1}: DhcpNameServer = 79.163.127.70 217.116.100.65 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48F0AD67-0F59-435E-ABA5-04169D543DBB}: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EF0B959-F0C5-462A-94E6-173529312E78}: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3C3B08B-F7B9-4926-9668-B3469E406ABD}: DhcpNameServer = 217.116.100.65 79.163.127.70 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll () O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{50fdbf85-fbda-11e0-952d-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{50fdbf85-fbda-11e0-952d-001a4d9e193f}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell\readit\command - "" = notepad readme.doc O33 - MountPoints2\{bfa224eb-fe30-11df-82ea-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{bfa224eb-fe30-11df-82ea-001a4d9e193f}\Shell\AutoRun\command - "" = F:\KODAK_Software_Downloader.exe O33 - MountPoints2\{ff02a1e8-e69e-11df-8ab7-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{ff02a1e8-e69e-11df-8ab7-001a4d9e193f}\Shell\AutoRun\command - "" = L:\autorun.exe O33 - MountPoints2\M\Shell - "" = AutoRun O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-05-16 21:11:39 | 025,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012-05-16 21:11:39 | 019,444,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012-05-16 21:11:39 | 007,713,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012-05-16 21:11:39 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-05-16 21:11:39 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012-05-16 21:11:38 | 017,642,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012-05-16 21:11:38 | 008,008,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012-05-16 21:11:38 | 005,892,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012-05-16 21:11:38 | 002,872,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012-05-16 21:11:38 | 002,672,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012-05-16 21:11:38 | 002,517,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012-05-16 21:11:38 | 002,437,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012-05-16 21:11:36 | 025,222,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012-05-16 21:11:36 | 017,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012-05-16 21:11:36 | 002,301,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012-05-16 19:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-05-12 20:18:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Nowy folder [2012-05-10 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2012-05-05 01:13:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader Toolbar [2012-05-05 01:13:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot [2012-05-05 01:13:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater [2012-05-05 01:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD YouTube Downloader & Converter [2012-05-05 01:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter [2012-05-05 01:12:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTD YouTube Downloader & Converter [2012-05-04 20:34:25 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\{662219B6-1EE6-45E0-9FA7-6318434B3795} [2012-04-24 23:49:30 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.minecraft [2012-04-24 09:46:36 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\MCEdit [2012-04-19 15:11:25 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\LogMeIn Hamachi [2012-04-19 15:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012-04-19 15:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-05-17 19:47:01 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-17 19:25:59 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-17 19:25:59 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-17 19:21:43 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-17 19:20:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-17 19:20:25 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2012-05-17 15:10:20 | 000,033,261 | ---- | M] () -- C:\Users\Mateusz\Desktop\Błąd.png [2012-05-16 19:57:27 | 002,357,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-16 19:13:11 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-05-16 17:38:12 | 000,000,000 | ---- | M] () -- C:\Users\Mateusz\Desktop\gna.png [2012-05-16 17:37:31 | 002,879,532 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-05-16 17:37:31 | 002,746,946 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-16 17:37:31 | 000,006,498 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-16 17:37:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-05-16 17:37:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-16 17:31:13 | 000,007,859 | ---- | M] () -- C:\Users\Mateusz\Desktop\Weteran.png [2012-05-16 17:20:18 | 000,000,000 | ---- | M] () -- C:\Users\Mateusz\Desktop\logo.png [2012-05-15 16:14:10 | 000,180,358 | ---- | M] () -- C:\Users\Mateusz\Desktop\Lowryder.png [2012-05-15 15:23:26 | 000,086,773 | ---- | M] () -- C:\Users\Mateusz\Desktop\WallpaperLowRider.jpg [2012-05-14 21:10:40 | 000,136,014 | ---- | M] () -- C:\Users\Mateusz\Desktop\logo kopia.png [2012-05-14 16:26:54 | 000,189,041 | ---- | M] () -- C:\Users\Mateusz\Desktop\03074418294497590853.png [2012-05-14 14:59:49 | 000,090,418 | ---- | M] () -- C:\Users\Mateusz\Desktop\3.png [2012-05-14 14:40:33 | 000,006,932 | ---- | M] () -- C:\Users\Mateusz\Desktop\User.png [2012-05-13 22:30:32 | 000,052,685 | ---- | M] () -- C:\Users\Mateusz\Desktop\avek2.png [2012-05-13 22:09:49 | 000,051,476 | ---- | M] () -- C:\Users\Mateusz\Desktop\Avek.png [2012-05-13 21:54:36 | 000,008,298 | ---- | M] () -- C:\Users\Mateusz\Desktop\Operator.png [2012-05-13 21:53:38 | 000,006,892 | ---- | M] () -- C:\Users\Mateusz\Desktop\Lider.png [2012-05-13 21:52:00 | 000,008,522 | ---- | M] () -- C:\Users\Mateusz\Desktop\Supporter.png [2012-05-13 21:51:25 | 000,007,122 | ---- | M] () -- C:\Users\Mateusz\Desktop\Grafik.png [2012-05-13 21:51:02 | 000,008,090 | ---- | M] () -- C:\Users\Mateusz\Desktop\Techniczny.png [2012-05-13 21:45:47 | 000,007,256 | ---- | M] () -- C:\Users\Mateusz\Desktop\Banned.png [2012-05-13 21:43:00 | 000,007,269 | ---- | M] () -- C:\Users\Mateusz\Desktop\Biznesman.png [2012-05-13 21:41:43 | 000,008,491 | ---- | M] () -- C:\Users\Mateusz\Desktop\Administrator.png [2012-05-13 21:28:32 | 000,008,708 | ---- | M] () -- C:\Users\Mateusz\Desktop\Moderator.png [2012-05-13 21:27:25 | 000,007,306 | ---- | M] () -- C:\Users\Mateusz\Desktop\Zarząd.png [2012-05-13 21:18:57 | 000,007,712 | ---- | M] () -- C:\Users\Mateusz\Desktop\Sponsor.png [2012-05-13 20:39:36 | 000,022,058 | ---- | M] () -- C:\Users\Mateusz\Desktop\Avatar1.png [2012-05-12 23:47:14 | 000,131,931 | ---- | M] () -- C:\Users\Mateusz\Desktop\29609139901780422647 kopia.png [2012-05-12 23:39:33 | 000,122,217 | ---- | M] () -- C:\Users\Mateusz\Desktop\29609139901780422647.png [2012-05-12 23:26:03 | 000,450,094 | ---- | M] () -- C:\Users\Mateusz\Desktop\2.png [2012-05-12 21:50:19 | 000,158,135 | ---- | M] () -- C:\Users\Mateusz\Desktop\lala.png [2012-05-12 21:18:58 | 000,185,591 | ---- | M] () -- C:\Users\Mateusz\Desktop\low.png [2012-05-12 13:58:55 | 000,246,260 | ---- | M] () -- C:\Users\Mateusz\Desktop\arcy.png [2012-05-12 13:52:58 | 000,267,193 | ---- | M] () -- C:\Users\Mateusz\Desktop\arcy2.png [2012-05-12 13:26:12 | 000,002,451 | ---- | M] () -- C:\Users\Mateusz\Desktop\i4f06bee8a790d04054339001834083404640199.png [2012-05-12 00:33:39 | 000,072,136 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez tytułu.png [2012-05-12 00:28:45 | 000,072,136 | ---- | M] () -- C:\Users\Mateusz\Desktop\pochwała.png [2012-05-12 00:09:48 | 000,119,520 | ---- | M] () -- C:\Users\Mateusz\Desktop\sygba.png [2012-05-11 23:00:48 | 000,165,108 | ---- | M] () -- C:\Users\Mateusz\Desktop\sd.psd [2012-05-11 22:57:44 | 000,821,279 | ---- | M] () -- C:\Users\Mateusz\Desktop\Catgirlbyshichiroi.png [2012-05-11 18:40:46 | 000,002,368 | ---- | M] () -- C:\Users\Mateusz\Documents\mcedit.ini [2012-05-09 22:18:53 | 000,095,803 | ---- | M] () -- C:\Users\Mateusz\Desktop\sygna.png [2012-05-08 23:10:16 | 000,056,472 | ---- | M] () -- C:\Users\Mateusz\Desktop\1.png [2012-05-08 23:08:19 | 000,120,930 | ---- | M] () -- C:\Users\Mateusz\Desktop\jabuszka.png [2012-05-08 23:07:19 | 000,120,930 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2 kopia.png [2012-05-08 22:14:19 | 002,534,052 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2.psd [2012-05-08 21:40:30 | 000,156,175 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwdy 1.png [2012-05-08 17:15:26 | 000,000,000 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwy 1.png [2012-05-08 17:06:08 | 000,009,777 | ---- | M] () -- C:\Users\Mateusz\Desktop\support kopia.png [2012-05-07 18:53:54 | 000,171,177 | ---- | M] () -- C:\Users\Mateusz\Desktop\d.png [2012-05-07 18:48:31 | 000,009,752 | ---- | M] () -- C:\Users\Mateusz\Desktop\modek.png [2012-05-07 18:47:14 | 000,009,947 | ---- | M] () -- C:\Users\Mateusz\Desktop\support.png [2012-05-05 23:38:22 | 000,071,214 | ---- | M] () -- C:\Users\Mateusz\Desktop\reklama.png [2012-05-04 14:50:55 | 000,002,407 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-25 21:20:41 | 000,006,832 | ---- | M] () -- C:\bootsqm.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-17 15:10:19 | 000,033,261 | ---- | C] () -- C:\Users\Mateusz\Desktop\Błąd.png [2012-05-16 19:13:11 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-05-16 17:38:10 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\Desktop\gna.png [2012-05-16 17:31:12 | 000,007,859 | ---- | C] () -- C:\Users\Mateusz\Desktop\Weteran.png [2012-05-15 15:46:15 | 000,180,358 | ---- | C] () -- C:\Users\Mateusz\Desktop\Lowryder.png [2012-05-15 15:23:33 | 000,086,773 | ---- | C] () -- C:\Users\Mateusz\Desktop\WallpaperLowRider.jpg [2012-05-14 21:10:39 | 000,136,014 | ---- | C] () -- C:\Users\Mateusz\Desktop\logo kopia.png [2012-05-14 20:57:15 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\Desktop\logo.png [2012-05-14 16:26:59 | 000,189,041 | ---- | C] () -- C:\Users\Mateusz\Desktop\03074418294497590853.png [2012-05-14 14:59:48 | 000,090,418 | ---- | C] () -- C:\Users\Mateusz\Desktop\3.png [2012-05-13 22:27:31 | 000,052,685 | ---- | C] () -- C:\Users\Mateusz\Desktop\avek2.png [2012-05-13 22:09:48 | 000,051,476 | ---- | C] () -- C:\Users\Mateusz\Desktop\Avek.png [2012-05-13 21:54:35 | 000,008,298 | ---- | C] () -- C:\Users\Mateusz\Desktop\Operator.png [2012-05-13 21:53:36 | 000,006,892 | ---- | C] () -- C:\Users\Mateusz\Desktop\Lider.png [2012-05-13 21:51:59 | 000,008,522 | ---- | C] () -- C:\Users\Mateusz\Desktop\Supporter.png [2012-05-13 21:51:24 | 000,007,122 | ---- | C] () -- C:\Users\Mateusz\Desktop\Grafik.png [2012-05-13 21:49:58 | 000,008,090 | ---- | C] () -- C:\Users\Mateusz\Desktop\Techniczny.png [2012-05-13 21:45:46 | 000,007,256 | ---- | C] () -- C:\Users\Mateusz\Desktop\Banned.png [2012-05-13 21:42:58 | 000,007,269 | ---- | C] () -- C:\Users\Mateusz\Desktop\Biznesman.png [2012-05-13 21:41:42 | 000,008,491 | ---- | C] () -- C:\Users\Mateusz\Desktop\Administrator.png [2012-05-13 21:27:24 | 000,007,306 | ---- | C] () -- C:\Users\Mateusz\Desktop\Zarząd.png [2012-05-13 20:39:34 | 000,022,058 | ---- | C] () -- C:\Users\Mateusz\Desktop\Avatar1.png [2012-05-12 23:47:13 | 000,131,931 | ---- | C] () -- C:\Users\Mateusz\Desktop\29609139901780422647 kopia.png [2012-05-12 23:39:37 | 000,122,217 | ---- | C] () -- C:\Users\Mateusz\Desktop\29609139901780422647.png [2012-05-12 23:26:02 | 000,450,094 | ---- | C] () -- C:\Users\Mateusz\Desktop\2.png [2012-05-12 21:50:17 | 000,158,135 | ---- | C] () -- C:\Users\Mateusz\Desktop\lala.png [2012-05-12 21:18:57 | 000,185,591 | ---- | C] () -- C:\Users\Mateusz\Desktop\low.png [2012-05-12 13:52:56 | 000,267,193 | ---- | C] () -- C:\Users\Mateusz\Desktop\arcy2.png [2012-05-12 13:52:19 | 000,246,260 | ---- | C] () -- C:\Users\Mateusz\Desktop\arcy.png [2012-05-12 13:26:17 | 000,002,451 | ---- | C] () -- C:\Users\Mateusz\Desktop\i4f06bee8a790d04054339001834083404640199.png [2012-05-12 00:28:44 | 000,072,136 | ---- | C] () -- C:\Users\Mateusz\Desktop\pochwała.png [2012-05-11 23:16:14 | 000,119,520 | ---- | C] () -- C:\Users\Mateusz\Desktop\sygba.png [2012-05-11 23:00:46 | 000,165,108 | ---- | C] () -- C:\Users\Mateusz\Desktop\sd.psd [2012-05-11 22:58:51 | 000,821,279 | ---- | C] () -- C:\Users\Mateusz\Desktop\Catgirlbyshichiroi.png [2012-05-09 22:18:51 | 000,095,803 | ---- | C] () -- C:\Users\Mateusz\Desktop\sygna.png [2012-05-08 23:10:16 | 000,056,472 | ---- | C] () -- C:\Users\Mateusz\Desktop\1.png [2012-05-08 23:08:17 | 000,120,930 | ---- | C] () -- C:\Users\Mateusz\Desktop\jabuszka.png [2012-05-08 23:07:17 | 000,120,930 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2 kopia.png [2012-05-08 22:14:17 | 002,534,052 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2.psd [2012-05-08 21:40:27 | 000,156,175 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwdy 1.png [2012-05-08 20:57:16 | 000,072,136 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez tytułu.png [2012-05-08 17:09:06 | 000,006,932 | ---- | C] () -- C:\Users\Mateusz\Desktop\User.png [2012-05-08 17:08:01 | 000,007,712 | ---- | C] () -- C:\Users\Mateusz\Desktop\Sponsor.png [2012-05-08 17:07:23 | 000,008,708 | ---- | C] () -- C:\Users\Mateusz\Desktop\Moderator.png [2012-05-08 17:06:06 | 000,009,777 | ---- | C] () -- C:\Users\Mateusz\Desktop\support kopia.png [2012-05-07 18:53:52 | 000,171,177 | ---- | C] () -- C:\Users\Mateusz\Desktop\d.png [2012-05-07 18:48:30 | 000,009,752 | ---- | C] () -- C:\Users\Mateusz\Desktop\modek.png [2012-05-07 18:47:12 | 000,009,947 | ---- | C] () -- C:\Users\Mateusz\Desktop\support.png [2012-05-06 14:46:38 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwy 1.png [2012-05-05 23:38:21 | 000,071,214 | ---- | C] () -- C:\Users\Mateusz\Desktop\reklama.png [2012-05-05 10:04:39 | 001,402,157 | ---- | C] () -- C:\Users\Mateusz\Desktop\WheelsScreen.jpg [2012-04-25 21:20:41 | 000,006,832 | ---- | C] () -- C:\bootsqm.dat [2012-04-10 07:51:47 | 000,001,760 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe [2011-12-29 13:30:58 | 000,006,490 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-12-16 20:37:04 | 000,017,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\WebpageIcons.db [2011-10-22 15:21:00 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2011-10-20 23:26:23 | 000,163,840 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\chrtmp [2010-12-22 19:16:43 | 003,786,760 | ---- | C] () -- C:\Windows\SysWow64\D3DX9_37.dll [2010-12-22 19:16:36 | 000,440,080 | ---- | C] () -- C:\Windows\SysWow64\d3dx10.dll [2010-12-13 19:24:39 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-12-13 19:24:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-12-13 19:24:35 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-12-13 19:24:35 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-12-13 19:24:34 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll < End of report > [/log]
Gość komentarz 17 maja 2012 komentarz 17 maja 2012 Pobierz [b]AdwCleaner [/b]i zasosuj opcję Delete. Przegladarki mają byc zamkniete. http://general-changelog-team.fr/outils/289-adwcleaner Po usuwaniu zrób nowy skan OTL wg tej instrukcji http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1 Logi maja być dwa [b]Extras.txt i OTL.txt[/b]
BarneyStinson komentarz 18 maja 2012 Autor komentarz 18 maja 2012 [log]OTL logfile created on: 2012-05-17 20:37:02 - Run 2 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Mateusz\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 41,81% Memory free 4,00 Gb Paging File | 2,23 Gb Available in Paging File | 55,68% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 121,00 Gb Total Space | 78,65 Gb Free Space | 65,00% Space Free | Partition Type: NTFS Drive D: | 251,51 Gb Total Space | 93,80 Gb Free Space | 37,29% Space Free | Partition Type: NTFS Computer Name: MAKS | User Name: Maks | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-05-17 19:32:53 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe PRC - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-02-28 17:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011-11-16 16:44:31 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-06-06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe PRC - [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2007-06-01 10:21:30 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe PRC - [2007-06-01 10:21:08 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-05-09 05:04:52 | 000,441,840 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll MOD - [2012-05-09 05:04:51 | 003,921,904 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll MOD - [2012-05-09 05:03:36 | 000,553,456 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\libglesv2.dll MOD - [2012-05-09 05:03:35 | 000,117,744 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\libegl.dll MOD - [2012-05-09 05:03:25 | 000,134,656 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\avutil-51.dll MOD - [2012-05-09 05:03:24 | 000,250,368 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\avformat-54.dll MOD - [2012-05-09 05:03:23 | 002,375,680 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-04-25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtgui4.dll MOD - [2011-04-25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtsql4.dll MOD - [2011-04-25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtscript4.dll MOD - [2011-04-25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtnetwork4.dll MOD - [2011-04-25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtcore4.dll MOD - [2011-04-25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\qtdeclarative4.dll MOD - [2011-04-20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2009-10-28 05:40:14 | 003,885,984 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-22 12:14:30 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV:[b]64bit:[/b] - [2010-07-13 16:08:42 | 000,177,664 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffWeb) SRV:[b]64bit:[/b] - [2010-07-13 16:08:42 | 000,177,664 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files\Airytec\Switch Off\swoff.exe -- (SwOffScheduler) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-03-14 16:07:20 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-02-28 17:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-01-31 16:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-06-06 13:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe -- (AVP) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost) SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-06-10 22:30:45 | 000,856,384 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-03-22 12:14:28 | 000,163,480 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV:[b]64bit:[/b] - [2011-12-16 20:22:01 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2011-03-10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2011-03-04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:[b]64bit:[/b] - [2011-03-04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:[b]64bit:[/b] - [2010-11-02 18:30:48 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2009-11-02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364) DRV:[b]64bit:[/b] - [2009-06-10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr IE - HKLM\..\URLSearchHook: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\URLSearchHook: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No CLSID value found IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\SearchScopes,DefaultScope = {A545A511-F7AE-4315-B57C-D9AA3E9B5742} IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\SearchScopes\{A545A511-F7AE-4315-B57C-D9AA3E9B5742}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811_yserp&p={searchTerms} IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms} IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811_yserp" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-11-16 16:44:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2012-05-17 14:43:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-05-17 14:43:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-01-06 18:24:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-10-20 21:48:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions [2012-05-17 20:24:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1s4t2mqf.default\extensions [2012-03-31 18:55:21 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1s4t2mqf.default\extensions\info@bflix.info [2012-03-03 18:03:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-02-08 00:29:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-03-02 17:55:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM File not found (No name found) -- C:\PROGRAM FILES (X86)\YOUTUBE DOWNLOADER TOOLBAR\FF [2011-11-16 16:44:47 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011-12-21 10:04:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-12-21 07:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-21 07:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-12-13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml [2011-12-21 07:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-21 07:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-06 17:07:25 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src [2011-12-21 07:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-21 07:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Angry Birds = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\ CHR - Extension: Kaspersky URL Advisor = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\ CHR - Extension: Gears of War 3 Marcus Theme (1280 x 1024) = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dopmcmgofkgjegfnegcnempkikpkdccb\1_0\ CHR - Extension: Stylish = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\ CHR - Extension: Troll Emoticons = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndllphbhpadfpoikpaofkkkpkpnmjik\4.6.7_0\ CHR - Extension: Klawiatura wirtualna = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\ CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ CHR - Extension: JDownloader Integration for Google Chrome\u2122 = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm\1.2.3_0\ CHR - Extension: Skype Click to Call = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\ CHR - Extension: Blokowanie banerw = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (TheBflix Class) - {9C7CBDB6-D5FD-4997-A8B5-88B049217530} - C:\ProgramData\TheBflix\bhoclass.dll (Injector) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (DigitalPowered Toolbar) - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (DigitalPowered Toolbar) - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3:[b]64bit:[/b] - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\Toolbar\WebBrowser: (DigitalPowered Toolbar) - {B317125E-2F10-4388-BF1F-2C31C6CD89ED} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000..\Run: [RMF FM Miasto Muzyki] File not found O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe () O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:[b]64bit:[/b] - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO) O9:[b]64bit:[/b] - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{284B3648-4F08-4C03-814C-1F1BCC36BCD0}: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CD78FE1-9C5F-4AAD-8DB4-2BA2B0050327}: DhcpNameServer = 79.163.127.70 217.116.100.65 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36D03242-C688-47A6-813F-295F8E0709B1}: DhcpNameServer = 79.163.127.70 217.116.100.65 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48F0AD67-0F59-435E-ABA5-04169D543DBB}: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EF0B959-F0C5-462A-94E6-173529312E78}: DhcpNameServer = 217.116.100.65 79.163.127.70 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D3C3B08B-F7B9-4926-9668-B3469E406ABD}: DhcpNameServer = 217.116.100.65 79.163.127.70 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll () O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{50fdbf85-fbda-11e0-952d-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{50fdbf85-fbda-11e0-952d-001a4d9e193f}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell\readit\command - "" = notepad readme.doc O33 - MountPoints2\{bfa224eb-fe30-11df-82ea-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{bfa224eb-fe30-11df-82ea-001a4d9e193f}\Shell\AutoRun\command - "" = F:\KODAK_Software_Downloader.exe O33 - MountPoints2\{ff02a1e8-e69e-11df-8ab7-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{ff02a1e8-e69e-11df-8ab7-001a4d9e193f}\Shell\AutoRun\command - "" = L:\autorun.exe O33 - MountPoints2\M\Shell - "" = AutoRun O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-05-16 21:11:39 | 025,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012-05-16 21:11:39 | 019,444,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012-05-16 21:11:39 | 007,713,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012-05-16 21:11:39 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012-05-16 21:11:39 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012-05-16 21:11:38 | 017,642,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012-05-16 21:11:38 | 008,008,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012-05-16 21:11:38 | 005,892,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012-05-16 21:11:38 | 002,872,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012-05-16 21:11:38 | 002,672,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012-05-16 21:11:38 | 002,517,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012-05-16 21:11:38 | 002,437,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012-05-16 21:11:36 | 025,222,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012-05-16 21:11:36 | 017,543,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012-05-16 21:11:36 | 002,301,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012-05-16 19:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-05-12 20:18:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Nowy folder [2012-05-10 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2012-05-05 01:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD YouTube Downloader & Converter [2012-05-05 01:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter [2012-05-05 01:12:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTD YouTube Downloader & Converter [2012-05-04 20:34:25 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\{662219B6-1EE6-45E0-9FA7-6318434B3795} [2012-04-24 23:49:30 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\.minecraft [2012-04-24 09:46:36 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\MCEdit [2012-04-19 15:11:25 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\LogMeIn Hamachi [2012-04-19 15:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2012-04-19 15:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-05-17 20:47:02 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-05-17 20:29:07 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-05-17 20:29:07 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-05-17 20:24:03 | 000,001,040 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-05-17 20:23:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-05-17 20:23:35 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2012-05-17 15:10:20 | 000,033,261 | ---- | M] () -- C:\Users\Mateusz\Desktop\Błąd.png [2012-05-16 19:57:27 | 002,357,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-05-16 19:13:11 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-05-16 17:38:12 | 000,000,000 | ---- | M] () -- C:\Users\Mateusz\Desktop\gna.png [2012-05-16 17:37:31 | 002,879,532 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-05-16 17:37:31 | 002,746,946 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-05-16 17:37:31 | 000,006,498 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-05-16 17:37:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-05-16 17:37:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-05-16 17:31:13 | 000,007,859 | ---- | M] () -- C:\Users\Mateusz\Desktop\Weteran.png [2012-05-16 17:20:18 | 000,000,000 | ---- | M] () -- C:\Users\Mateusz\Desktop\logo.png [2012-05-15 16:14:10 | 000,180,358 | ---- | M] () -- C:\Users\Mateusz\Desktop\Lowryder.png [2012-05-15 15:23:26 | 000,086,773 | ---- | M] () -- C:\Users\Mateusz\Desktop\WallpaperLowRider.jpg [2012-05-14 21:10:40 | 000,136,014 | ---- | M] () -- C:\Users\Mateusz\Desktop\logo kopia.png [2012-05-14 16:26:54 | 000,189,041 | ---- | M] () -- C:\Users\Mateusz\Desktop\03074418294497590853.png [2012-05-14 14:59:49 | 000,090,418 | ---- | M] () -- C:\Users\Mateusz\Desktop\3.png [2012-05-14 14:40:33 | 000,006,932 | ---- | M] () -- C:\Users\Mateusz\Desktop\User.png [2012-05-13 22:30:32 | 000,052,685 | ---- | M] () -- C:\Users\Mateusz\Desktop\avek2.png [2012-05-13 22:09:49 | 000,051,476 | ---- | M] () -- C:\Users\Mateusz\Desktop\Avek.png [2012-05-13 21:54:36 | 000,008,298 | ---- | M] () -- C:\Users\Mateusz\Desktop\Operator.png [2012-05-13 21:53:38 | 000,006,892 | ---- | M] () -- C:\Users\Mateusz\Desktop\Lider.png [2012-05-13 21:52:00 | 000,008,522 | ---- | M] () -- C:\Users\Mateusz\Desktop\Supporter.png [2012-05-13 21:51:25 | 000,007,122 | ---- | M] () -- C:\Users\Mateusz\Desktop\Grafik.png [2012-05-13 21:51:02 | 000,008,090 | ---- | M] () -- C:\Users\Mateusz\Desktop\Techniczny.png [2012-05-13 21:45:47 | 000,007,256 | ---- | M] () -- C:\Users\Mateusz\Desktop\Banned.png [2012-05-13 21:43:00 | 000,007,269 | ---- | M] () -- C:\Users\Mateusz\Desktop\Biznesman.png [2012-05-13 21:41:43 | 000,008,491 | ---- | M] () -- C:\Users\Mateusz\Desktop\Administrator.png [2012-05-13 21:28:32 | 000,008,708 | ---- | M] () -- C:\Users\Mateusz\Desktop\Moderator.png [2012-05-13 21:27:25 | 000,007,306 | ---- | M] () -- C:\Users\Mateusz\Desktop\Zarząd.png [2012-05-13 21:18:57 | 000,007,712 | ---- | M] () -- C:\Users\Mateusz\Desktop\Sponsor.png [2012-05-13 20:39:36 | 000,022,058 | ---- | M] () -- C:\Users\Mateusz\Desktop\Avatar1.png [2012-05-12 23:47:14 | 000,131,931 | ---- | M] () -- C:\Users\Mateusz\Desktop\29609139901780422647 kopia.png [2012-05-12 23:39:33 | 000,122,217 | ---- | M] () -- C:\Users\Mateusz\Desktop\29609139901780422647.png [2012-05-12 23:26:03 | 000,450,094 | ---- | M] () -- C:\Users\Mateusz\Desktop\2.png [2012-05-12 21:50:19 | 000,158,135 | ---- | M] () -- C:\Users\Mateusz\Desktop\lala.png [2012-05-12 21:18:58 | 000,185,591 | ---- | M] () -- C:\Users\Mateusz\Desktop\low.png [2012-05-12 13:58:55 | 000,246,260 | ---- | M] () -- C:\Users\Mateusz\Desktop\arcy.png [2012-05-12 13:52:58 | 000,267,193 | ---- | M] () -- C:\Users\Mateusz\Desktop\arcy2.png [2012-05-12 13:26:12 | 000,002,451 | ---- | M] () -- C:\Users\Mateusz\Desktop\i4f06bee8a790d04054339001834083404640199.png [2012-05-12 00:33:39 | 000,072,136 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez tytułu.png [2012-05-12 00:28:45 | 000,072,136 | ---- | M] () -- C:\Users\Mateusz\Desktop\pochwała.png [2012-05-12 00:09:48 | 000,119,520 | ---- | M] () -- C:\Users\Mateusz\Desktop\sygba.png [2012-05-11 23:00:48 | 000,165,108 | ---- | M] () -- C:\Users\Mateusz\Desktop\sd.psd [2012-05-11 22:57:44 | 000,821,279 | ---- | M] () -- C:\Users\Mateusz\Desktop\Catgirlbyshichiroi.png [2012-05-11 18:40:46 | 000,002,368 | ---- | M] () -- C:\Users\Mateusz\Documents\mcedit.ini [2012-05-09 22:18:53 | 000,095,803 | ---- | M] () -- C:\Users\Mateusz\Desktop\sygna.png [2012-05-08 23:10:16 | 000,056,472 | ---- | M] () -- C:\Users\Mateusz\Desktop\1.png [2012-05-08 23:08:19 | 000,120,930 | ---- | M] () -- C:\Users\Mateusz\Desktop\jabuszka.png [2012-05-08 23:07:19 | 000,120,930 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2 kopia.png [2012-05-08 22:14:19 | 002,534,052 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2.psd [2012-05-08 21:40:30 | 000,156,175 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwdy 1.png [2012-05-08 17:15:26 | 000,000,000 | ---- | M] () -- C:\Users\Mateusz\Desktop\Bez nazwy 1.png [2012-05-08 17:06:08 | 000,009,777 | ---- | M] () -- C:\Users\Mateusz\Desktop\support kopia.png [2012-05-07 18:53:54 | 000,171,177 | ---- | M] () -- C:\Users\Mateusz\Desktop\d.png [2012-05-07 18:48:31 | 000,009,752 | ---- | M] () -- C:\Users\Mateusz\Desktop\modek.png [2012-05-07 18:47:14 | 000,009,947 | ---- | M] () -- C:\Users\Mateusz\Desktop\support.png [2012-05-05 23:38:22 | 000,071,214 | ---- | M] () -- C:\Users\Mateusz\Desktop\reklama.png [2012-05-04 14:50:55 | 000,002,407 | ---- | M] () -- C:\Users\Mateusz\Desktop\Google Chrome.lnk [2012-04-25 21:20:41 | 000,006,832 | ---- | M] () -- C:\bootsqm.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-05-17 15:10:19 | 000,033,261 | ---- | C] () -- C:\Users\Mateusz\Desktop\Błąd.png [2012-05-16 19:13:11 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012-05-16 17:38:10 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\Desktop\gna.png [2012-05-16 17:31:12 | 000,007,859 | ---- | C] () -- C:\Users\Mateusz\Desktop\Weteran.png [2012-05-15 15:46:15 | 000,180,358 | ---- | C] () -- C:\Users\Mateusz\Desktop\Lowryder.png [2012-05-15 15:23:33 | 000,086,773 | ---- | C] () -- C:\Users\Mateusz\Desktop\WallpaperLowRider.jpg [2012-05-14 21:10:39 | 000,136,014 | ---- | C] () -- C:\Users\Mateusz\Desktop\logo kopia.png [2012-05-14 20:57:15 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\Desktop\logo.png [2012-05-14 16:26:59 | 000,189,041 | ---- | C] () -- C:\Users\Mateusz\Desktop\03074418294497590853.png [2012-05-14 14:59:48 | 000,090,418 | ---- | C] () -- C:\Users\Mateusz\Desktop\3.png [2012-05-13 22:27:31 | 000,052,685 | ---- | C] () -- C:\Users\Mateusz\Desktop\avek2.png [2012-05-13 22:09:48 | 000,051,476 | ---- | C] () -- C:\Users\Mateusz\Desktop\Avek.png [2012-05-13 21:54:35 | 000,008,298 | ---- | C] () -- C:\Users\Mateusz\Desktop\Operator.png [2012-05-13 21:53:36 | 000,006,892 | ---- | C] () -- C:\Users\Mateusz\Desktop\Lider.png [2012-05-13 21:51:59 | 000,008,522 | ---- | C] () -- C:\Users\Mateusz\Desktop\Supporter.png [2012-05-13 21:51:24 | 000,007,122 | ---- | C] () -- C:\Users\Mateusz\Desktop\Grafik.png [2012-05-13 21:49:58 | 000,008,090 | ---- | C] () -- C:\Users\Mateusz\Desktop\Techniczny.png [2012-05-13 21:45:46 | 000,007,256 | ---- | C] () -- C:\Users\Mateusz\Desktop\Banned.png [2012-05-13 21:42:58 | 000,007,269 | ---- | C] () -- C:\Users\Mateusz\Desktop\Biznesman.png [2012-05-13 21:41:42 | 000,008,491 | ---- | C] () -- C:\Users\Mateusz\Desktop\Administrator.png [2012-05-13 21:27:24 | 000,007,306 | ---- | C] () -- C:\Users\Mateusz\Desktop\Zarząd.png [2012-05-13 20:39:34 | 000,022,058 | ---- | C] () -- C:\Users\Mateusz\Desktop\Avatar1.png [2012-05-12 23:47:13 | 000,131,931 | ---- | C] () -- C:\Users\Mateusz\Desktop\29609139901780422647 kopia.png [2012-05-12 23:39:37 | 000,122,217 | ---- | C] () -- C:\Users\Mateusz\Desktop\29609139901780422647.png [2012-05-12 23:26:02 | 000,450,094 | ---- | C] () -- C:\Users\Mateusz\Desktop\2.png [2012-05-12 21:50:17 | 000,158,135 | ---- | C] () -- C:\Users\Mateusz\Desktop\lala.png [2012-05-12 21:18:57 | 000,185,591 | ---- | C] () -- C:\Users\Mateusz\Desktop\low.png [2012-05-12 13:52:56 | 000,267,193 | ---- | C] () -- C:\Users\Mateusz\Desktop\arcy2.png [2012-05-12 13:52:19 | 000,246,260 | ---- | C] () -- C:\Users\Mateusz\Desktop\arcy.png [2012-05-12 13:26:17 | 000,002,451 | ---- | C] () -- C:\Users\Mateusz\Desktop\i4f06bee8a790d04054339001834083404640199.png [2012-05-12 00:28:44 | 000,072,136 | ---- | C] () -- C:\Users\Mateusz\Desktop\pochwała.png [2012-05-11 23:16:14 | 000,119,520 | ---- | C] () -- C:\Users\Mateusz\Desktop\sygba.png [2012-05-11 23:00:46 | 000,165,108 | ---- | C] () -- C:\Users\Mateusz\Desktop\sd.psd [2012-05-11 22:58:51 | 000,821,279 | ---- | C] () -- C:\Users\Mateusz\Desktop\Catgirlbyshichiroi.png [2012-05-09 22:18:51 | 000,095,803 | ---- | C] () -- C:\Users\Mateusz\Desktop\sygna.png [2012-05-08 23:10:16 | 000,056,472 | ---- | C] () -- C:\Users\Mateusz\Desktop\1.png [2012-05-08 23:08:17 | 000,120,930 | ---- | C] () -- C:\Users\Mateusz\Desktop\jabuszka.png [2012-05-08 23:07:17 | 000,120,930 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2 kopia.png [2012-05-08 22:14:17 | 002,534,052 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwy 2.psd [2012-05-08 21:40:27 | 000,156,175 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwdy 1.png [2012-05-08 20:57:16 | 000,072,136 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez tytułu.png [2012-05-08 17:09:06 | 000,006,932 | ---- | C] () -- C:\Users\Mateusz\Desktop\User.png [2012-05-08 17:08:01 | 000,007,712 | ---- | C] () -- C:\Users\Mateusz\Desktop\Sponsor.png [2012-05-08 17:07:23 | 000,008,708 | ---- | C] () -- C:\Users\Mateusz\Desktop\Moderator.png [2012-05-08 17:06:06 | 000,009,777 | ---- | C] () -- C:\Users\Mateusz\Desktop\support kopia.png [2012-05-07 18:53:52 | 000,171,177 | ---- | C] () -- C:\Users\Mateusz\Desktop\d.png [2012-05-07 18:48:30 | 000,009,752 | ---- | C] () -- C:\Users\Mateusz\Desktop\modek.png [2012-05-07 18:47:12 | 000,009,947 | ---- | C] () -- C:\Users\Mateusz\Desktop\support.png [2012-05-06 14:46:38 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\Desktop\Bez nazwy 1.png [2012-05-05 23:38:21 | 000,071,214 | ---- | C] () -- C:\Users\Mateusz\Desktop\reklama.png [2012-05-05 10:04:39 | 001,402,157 | ---- | C] () -- C:\Users\Mateusz\Desktop\WheelsScreen.jpg [2012-04-25 21:20:41 | 000,006,832 | ---- | C] () -- C:\bootsqm.dat [2012-04-10 07:51:47 | 000,001,760 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe [2011-12-29 13:30:58 | 000,006,490 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-12-16 20:37:04 | 000,017,408 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\WebpageIcons.db [2011-10-22 15:21:00 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2011-10-20 23:26:23 | 000,163,840 | ---- | C] () -- C:\Users\Mateusz\AppData\Roaming\chrtmp [2010-12-22 19:16:43 | 003,786,760 | ---- | C] () -- C:\Windows\SysWow64\D3DX9_37.dll [2010-12-22 19:16:36 | 000,440,080 | ---- | C] () -- C:\Windows\SysWow64\d3dx10.dll [2010-12-13 19:24:39 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-12-13 19:24:39 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-12-13 19:24:35 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-12-13 19:24:35 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-12-13 19:24:34 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [color=#E56717]========== LOP Check ==========[/color] [2012-03-02 17:18:43 | 000,000,000 | ---D | M] -- C:\Users\Maks\AppData\Roaming\.minecraft [2012-04-19 17:56:45 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\.minecraft [2012-01-18 17:16:23 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\abgx360 [2010-11-09 22:17:30 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Airytec [2012-05-16 19:15:16 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite [2011-11-12 10:28:22 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\eKWEJK [2012-05-16 18:39:46 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Gadu-Gadu 10 [2012-02-20 18:12:38 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\gtk-2.0 [2011-12-29 12:45:56 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ImgBurn [2011-09-01 21:02:55 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\ipla [2010-10-26 16:42:53 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenFM [2011-01-31 22:26:00 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenOffice.org [2011-01-12 20:53:55 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Opera [2011-08-22 18:04:46 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\PhotoScape [2012-03-13 18:30:28 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\pymclevel [2010-11-04 19:54:31 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Qrix [2011-02-26 14:07:26 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\RDRM [2012-01-23 15:53:17 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\SecondLife [2012-01-22 17:42:34 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\SumatraPDF [2011-12-17 14:57:37 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\toolplugin [2012-05-17 20:24:31 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent [2011-11-24 19:12:06 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Windows Live Writer [2012-03-02 17:06:23 | 000,000,000 | ---D | M] -- C:\Users\NAZWA USERA\AppData\Roaming\.minecraft [2012-04-16 14:47:27 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] [log]OTL Extras logfile created on: 2012-05-17 20:37:02 - Run 2 OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Mateusz\Downloads 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 41,81% Memory free 4,00 Gb Paging File | 2,23 Gb Available in Paging File | 55,68% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 121,00 Gb Total Space | 78,65 Gb Free Space | 65,00% Space Free | Partition Type: NTFS Drive D: | 251,51 Gb Total Space | 93,80 Gb Free Space | 37,29% Space Free | Partition Type: NTFS Computer Name: MAKS | User Name: Maks | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe () .html [@ = Opera.HTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* () exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{28E68FCC-2999-4C31-8075-49C7CAC81C2C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2F0FDADF-EE48-4824-A050-3BC8971035CE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{35DBE03A-75AC-42A7-8492-5FCEC6D9FC76}" = lport=2869 | protocol=6 | dir=in | app=system | "{3727B4F0-1E70-47AD-9362-97FE1FB4889C}" = lport=445 | protocol=6 | dir=in | app=system | "{3CBB7400-19C9-49EB-B222-8963F13B9ED3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{47EB5747-2287-43B4-9AAA-36C9BBADDB21}" = rport=445 | protocol=6 | dir=out | app=system | "{4FFF52D0-F0E1-4FE3-85A1-4C81BB3639CE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{531A3B98-96F3-4D74-8174-97809081CD96}" = lport=139 | protocol=6 | dir=in | app=system | "{6281F94D-C8E8-48E5-9D3C-81803A988E39}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{65FB75B5-72B7-422D-A35B-E324BA51CA09}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{704DCA9C-2321-4BC4-90CB-53E57A2EB499}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{73822A90-80F1-4209-8E60-D71DD696063E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7FBFB817-621C-454E-9ADD-27D659B0A213}" = lport=138 | protocol=17 | dir=in | app=system | "{8E69DF51-8F1E-47D8-9E6A-FCECCC0371CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A7EBF57F-39BA-4A29-88EE-2298FCDBC06A}" = lport=137 | protocol=17 | dir=in | app=system | "{A91D2242-FF2C-445B-AA0F-CC4FFFE2C8EC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B1C518FF-D556-4E3F-965B-915A80399C55}" = rport=138 | protocol=17 | dir=out | app=system | "{C1F6E62E-B055-4C5D-AA48-C9A513F78D2C}" = rport=137 | protocol=17 | dir=out | app=system | "{D54500FA-62E2-4B91-980F-B721C12AC494}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D8DF7A93-A48F-443D-80AB-8993BC0D650E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{D9D6C30F-D98C-44AC-AFAD-69F4DA17BF06}" = rport=10243 | protocol=6 | dir=out | app=system | "{EB2F39D7-4154-4083-B2CC-F5869545338B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F2EA3427-18E7-4BC7-B4B1-10EFD29003AD}" = rport=139 | protocol=6 | dir=out | app=system | "{F3F6ACF7-A7DB-455E-A4DA-DBB51F2678F8}" = lport=10243 | protocol=6 | dir=in | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00BEFD67-4553-46D8-9173-361831F9CE52}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{02D68EF5-0864-4CCA-9CC8-D0C9370B778C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{0B670B0D-1E5D-4B3D-B6DB-017AF9E3B62B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0FB01ADC-768C-4FF0-9E01-C439165A8E18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{0FFAB416-B1F4-45CF-BEDD-7118A04B617A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{13FB896D-7A53-48C4-B97A-C0BDCA1EAE95}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1A53927A-8C8C-4C87-8632-D8E9E9AB6542}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2168D3CE-39D2-42DE-A160-38D445493B67}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{22484828-2C40-44B9-8035-8DA24C4AB836}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{230C5A55-5683-4AD9-8549-A8B042F108B8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{314B0E12-D881-4989-B522-AC074FCC9265}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{31852E5F-4FCF-4F1D-AC99-C253427F4073}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{4F2B2BE2-0840-4FE9-9647-98976A2FD518}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{56A00D2E-6F95-4689-BE88-240FC85194A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6524AEA7-64C8-4D72-9462-72A0376181D9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{892C4CCC-F199-4FE0-92AA-ACD4ACC6AF5E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{8AF6EDFB-E783-4016-BCD5-71F8F66372DA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{8B037EC5-5F02-4AA3-8AE7-40EB6B1DA269}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{8DE25077-8103-44A1-88EE-C988A4AEB1D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{91FB5F34-2C2A-4E98-927F-98B8A43B0C4A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9D860C50-C78F-4075-80A6-A0301C6F855B}" = protocol=6 | dir=out | app=system | "{A8920720-D372-482D-9A1F-A487F84DDB04}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{B9AA56C4-ED3F-4040-9414-CFE4F295242B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D4F86077-4BEF-41BA-B060-ADE9678F6C76}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{E8DB25F8-B209-468F-9C22-70C2EF7F5B11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{EEAB03D0-75FF-42A6-A3C2-A1BE976763E5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{EF41A397-6E46-4DB2-9E59-497687B940A4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{00286FC0-A600-4596-B471-3FA564BCB665}D:\rockstar games\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=d:\rockstar games\gta san andreas\gta_sa.exe | "TCP Query User{55D84FF2-4BBE-40EC-BB31-E50746827EA4}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{76E9A99C-F713-4954-AC37-34D20D89A86B}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{7C0162E8-ABA6-4A6A-9A7D-4C2157A2EB54}N:\blackopsmp.exe" = protocol=6 | dir=in | app=n:\blackopsmp.exe | "TCP Query User{A4FEC94D-DDE6-4871-A0C2-0E1114ED7638}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{18B91B98-478F-4BFF-9443-3DB98182ADA1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{4597FA23-1E44-4061-B8AF-6281DA4964F6}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{6C34141E-94C5-4932-83F9-A13A091B5B1E}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{879C5567-C8BD-437E-BA18-50458C2C7262}D:\rockstar games\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=d:\rockstar games\gta san andreas\gta_sa.exe | "UDP Query User{D27FF80E-774B-479C-A305-718D8E834F00}N:\blackopsmp.exe" = protocol=17 | dir=in | app=n:\blackopsmp.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "Airytec Switch Off" = Airytec Switch Off "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Sandboxie" = Sandboxie 3.66 (64-bit) "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java(TM) 6 Update 20 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings "{37476589-E48E-439E-A706-56189E2ED4C4}" = TheBflix "{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{55D65D27-C0CD-4375-9021-F3D3D024ED90}_is1" = Minecraft PC Gamer Demo version 1.5 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE "{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{66EBD70F-A42C-475F-AEDF-277378151045}" = Nero 7 Essentials "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{693CB1C0-50AD-4A94-BAD5-32E934C20AAE}" = Ogniem i Mieczem "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB95979D-85EF-484A-9805-EB28E676E201}_is1" = Iso2God v1.3.6 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1" = BMW M3 Challenge "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB5F1FBF-57DB-4E22-83B0-FEC53C389762}" = YouTube Downloader Toolbar v5.6 "{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DADDA6E8-A59B-4BC0-AF0B-C7A9D7BA5ACA}" = RC Cars "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0F07676-2C60-4465-A727-20DE3BFCABAC}" = Tony Hawks Pro Skater 4 "{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F47E5EF3-F7CB-4459-9E5D-119511EBDD78}_is1" = Minecraft AA wersja 1.1 "abgx360" = abgx360 v1.0.6 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3 "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "DigitalPowered Toolbar" = DigitalPowered Toolbar "Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.39 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Gadu-Gadu 10" = Gadu-Gadu 10 "ImgBurn" = ImgBurn "InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Anti-Virus 2012 "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 6.6.0 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl) "MTA:SA 1.3" = MTA:SA v1.3 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PhotoScape" = PhotoScape "RealPlayer 15.0" = RealPlayer "Red Alert 2" = Command & Conquer Red Alert 2 "Rzeźnik MPEGów 1.1.991_is1" = Rzeźnik MPEGów 1.1.991 "SecondLifeViewer" = SecondLifeViewer (remove only) "The KMPlayer" = The KMPlayer (remove only) "uTorrent" = µTorrent "uTorrentBar Toolbar" = uTorrentBar Toolbar "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.12 "WinLiveSuite" = Podstawowe programy Windows Live [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3205066703-1131101171-1123732844-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab FLV Player" = FoxTab FLV Player "Google Chrome" = Google Chrome "PDF Reader" = PDF Reader "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-05-16 13:56:19 | Computer Name = Maks | Source = Windows Search Service | ID = 3058 Description = Error - 2012-05-16 13:56:19 | Computer Name = Maks | Source = Windows Search Service | ID = 7010 Description = Error - 2012-05-17 07:53:16 | Computer Name = Maks | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SbieSvc.exe, wersja: 3.66.0.0, sygnatura czasowa: 0x4f6afb6f Nazwa modułu powodującego błąd: SbieSvc.exe, wersja: 3.66.0.0, sygnatura czasowa: 0x4f6afb6f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000005fb8 Identyfikator procesu powodującego błąd: 0x4c8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd34239c684800 Ścieżka aplikacji powodującej błąd: C:\Program Files\Sandboxie\SbieSvc.exe Ścieżka modułu powodującego błąd: C:\Program Files\Sandboxie\SbieSvc.exe Identyfikator raportu: e31d81c0-a016-11e1-8096-001ee5a92c41 Error - 2012-05-17 09:36:53 | Computer Name = Maks | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2012-05-17 09:36:53 | Computer Name = Maks | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2012-05-17 09:36:53 | Computer Name = Maks | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error - 2012-05-17 09:36:56 | Computer Name = Maks | Source = Microsoft-Windows-LoadPerf | ID = 3002 Description = Występująca w rejestrze wartość ciągu objaśniającego licznika wydajności jest niepoprawnie sformatowana. Wadliwie sformułowany ciąg to . Pierwszy wpis DWORD w sekcji danych (Data) zawiera wartość indeksu wadliwie sformułowanego ciągu, a drugi i trzeci wpis DWORD w sekcji danych zawiera ostatnie prawidłowe wartości indeksu. Error - 2012-05-17 13:20:50 | Computer Name = Maks | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SbieSvc.exe, wersja: 3.66.0.0, sygnatura czasowa: 0x4f6afb6f Nazwa modułu powodującego błąd: SbieSvc.exe, wersja: 3.66.0.0, sygnatura czasowa: 0x4f6afb6f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000005fb8 Identyfikator procesu powodującego błąd: 0x4a8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd34515efdc0c0 Ścieżka aplikacji powodującej błąd: C:\Program Files\Sandboxie\SbieSvc.exe Ścieżka modułu powodującego błąd: C:\Program Files\Sandboxie\SbieSvc.exe Identyfikator raportu: a5a27fc0-a044-11e1-8c99-001ee5a92c41 Error - 2012-05-17 13:42:58 | Computer Name = Maks | Source = Application Hang | ID = 1002 Description = Program OTL.exe w wersji 3.2.43.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 92c Godzina rozpoczęcia: 01cd34531d132400 Godzina zakończenia: 29 Ścieżka aplikacji: C:\Users\Mateusz\Downloads\OTL.exe Identyfikator raportu: b7844271-a047-11e1-8c99-001a4d9e193f Error - 2012-05-17 14:24:00 | Computer Name = Maks | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SbieSvc.exe, wersja: 3.66.0.0, sygnatura czasowa: 0x4f6afb6f Nazwa modułu powodującego błąd: SbieSvc.exe, wersja: 3.66.0.0, sygnatura czasowa: 0x4f6afb6f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000005fb8 Identyfikator procesu powodującego błąd: 0x4cc Godzina uruchomienia aplikacji powodującej błąd: 0x01cd345a3231e4a0 Ścieżka aplikacji powodującej błąd: C:\Program Files\Sandboxie\SbieSvc.exe Ścieżka modułu powodującego błąd: C:\Program Files\Sandboxie\SbieSvc.exe Identyfikator raportu: 78d56b20-a04d-11e1-8abd-001ee5a92c41 [ System Events ] Error - 2012-05-17 14:24:30 | Computer Name = Maks | Source = PNRPSvc | ID = 102 Description = Error - 2012-05-17 14:24:30 | Computer Name = Maks | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-05-17 14:24:30 | Computer Name = Maks | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-05-17 14:24:39 | Computer Name = Maks | Source = PNRPSvc | ID = 102 Description = Error - 2012-05-17 14:24:40 | Computer Name = Maks | Source = PNRPSvc | ID = 102 Description = Error - 2012-05-17 14:24:39 | Computer Name = Maks | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-05-17 14:24:39 | Computer Name = Maks | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-05-17 14:24:40 | Computer Name = Maks | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-05-17 14:24:40 | Computer Name = Maks | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-05-17 14:26:13 | Computer Name = Maks | Source = Service Control Manager | ID = 7023 Description = Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%-2146762496 < End of report > [/log]Bardzo proszę o POMOC!!!
Gość komentarz 18 maja 2012 komentarz 18 maja 2012 Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej: [code]:Files C:\Users\Mateusz\AppData\Local\{662219B6-1EE6-45E0-9FA7-6318434B3795} :OTL IE - HKLM\..\URLSearchHook: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\URLSearchHook: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - No CLSID value found O2 - BHO: (DigitalPowered Toolbar) - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DigitalPowered Toolbar) - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\Toolbar\WebBrowser: (DigitalPowered Toolbar) - {B317125E-2F10-4388-BF1F-2C31C6CD89ED} - C:\Program Files (x86)\DigitalPowered\tbDigi.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKU\S-1-5-21-3205066703-1131101171-1123732844-1000..\Run: [RMF FM Miasto Muzyki] File not found O33 - MountPoints2\{50fdbf85-fbda-11e0-952d-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{50fdbf85-fbda-11e0-952d-001a4d9e193f}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe O33 - MountPoints2\{97696589-de90-11df-8a49-806e6f6e6963}\Shell\readit\command - "" = notepad readme.doc O33 - MountPoints2\{bfa224eb-fe30-11df-82ea-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{bfa224eb-fe30-11df-82ea-001a4d9e193f}\Shell\AutoRun\command - "" = F:\KODAK_Software_Downloader.exe O33 - MountPoints2\{ff02a1e8-e69e-11df-8ab7-001a4d9e193f}\Shell - "" = AutoRun O33 - MountPoints2\{ff02a1e8-e69e-11df-8ab7-001a4d9e193f}\Shell\AutoRun\command - "" = L:\autorun.exe O33 - MountPoints2\M\Shell - "" = AutoRun :Commands [emptyflash] [emptytemp][/code] Kliknij w [color=#0000ff][b]Wykonaj skrypt[/b][/color] Uruchom [b]AdwCleaner[/b] i wykonaj skan z opcji [b]Search[/b]. Przedstaw raport.
BarneyStinson komentarz 18 maja 2012 Autor komentarz 18 maja 2012 [log]# AdwCleaner v1.606 - Logfile created 05/18/2012 at 17:20:26 # Updated 10/05/2012 by Xplode # Operating system : Windows 7 Ultimate (64 bits) # User : Maks - MAKS # Running from : C:\Users\Mateusz\Downloads\adwcleaner (1).exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [Registre - GUID] ***** ***** [Internet Browsers] ***** -\\ Internet Explorer v8.0.7600.16385 [OK] Registry is clean. -\\ Mozilla Firefox v9.0.1 (pl) Profile name : default File : C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\1s4t2mqf.default\prefs.js [OK] File is clean. Profile name : default File : C:\Users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\1s4t2mqf.default\prefs.js [OK] File is clean. -\\ Google Chrome v18.0.1025.168 File : C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. File : C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. -\\ Opera v [Unable to get version] File : C:\Users\Mateusz\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. File : C:\Users\Mateusz\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[S1].txt - [249 octets] - [17/05/2012 20:21:58] AdwCleaner[S2].txt - [19385 octets] - [17/05/2012 20:22:18] AdwCleaner[R1].txt - [1429 octets] - [18/05/2012 17:20:26] ########## EOF - C:\AdwCleaner[R1].txt - [1557 octets] ########## [/log]
Gość komentarz 18 maja 2012 komentarz 18 maja 2012 1 Uruchom OTL i kliknij [b]Sprzątanie[/b] 2. Uruchom AdwCleaner i kliknij [b]Uninstall[/b] 3. Testowo Kaspersky do deinstalacji sprawdz jak zachowuje sie system. 4. Obowiązkowa aktualizacja brak ServicePack1 dla Windows7 http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=c3202ce6-4056-4059-8a1b-3a9b77cdfdda pobierasz [b]windows6.1-KB976932-X64.exe 903.2 MB[/b]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.