legendk utworzono 10 sierpnia 2012 utworzono 10 sierpnia 2012 WItam, pojawił mi się ten wirus, musiałem odpalić komputer w trybie awaryjnym. Nie wiem jak go usunąć. Daje logi z OTL'a: [log]OTL logfile created on: 2012-08-10 19:13:45 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Kacper\Desktop Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 51,88% Memory free 4,00 Gb Paging File | 3,01 Gb Available in Paging File | 75,34% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 75,13 Gb Total Space | 21,25 Gb Free Space | 28,29% Space Free | Partition Type: NTFS Drive D: | 195,32 Gb Total Space | 44,99 Gb Free Space | 23,03% Space Free | Partition Type: NTFS Drive E: | 195,31 Gb Total Space | 22,43 Gb Free Space | 11,48% Space Free | Partition Type: NTFS Computer Name: ENGINE | User Name: Kacper | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 7 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-08-10 19:10:45 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe PRC - [2012-08-07 08:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ctfmon.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-08-10 19:10:45 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe MOD - [2012-08-07 16:48:07 | 000,159,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll MOD - [2012-08-07 08:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\chrome.exe MOD - [2012-08-07 08:43:40 | 000,442,392 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll MOD - [2012-08-07 08:43:39 | 012,235,800 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll MOD - [2012-08-07 08:43:37 | 003,997,720 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll MOD - [2012-08-07 08:42:19 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\icudt.dll MOD - [2012-08-07 08:42:12 | 037,958,680 | ---- | M] (Google Inc.) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\chrome.dll MOD - [2012-08-07 08:42:09 | 000,144,424 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\avutil-51.dll MOD - [2012-08-07 08:42:08 | 000,266,792 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\avformat-54.dll MOD - [2012-08-07 08:42:07 | 002,480,680 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll MOD - [2012-02-29 22:53:46 | 000,062,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll MOD - [2012-01-03 15:10:44 | 000,394,136 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll MOD - [2011-08-30 23:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll MOD - [2011-05-28 23:04:56 | 000,140,288 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll MOD - [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL MOD - [2010-03-25 03:46:54 | 008,898,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\1045\GrooveIntlResource.dll MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010-01-09 21:21:18 | 000,061,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 03:17:51 | 001,286,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-07-14 03:16:21 | 000,674,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwanmm.dll MOD - [2009-07-14 03:16:21 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2009-07-14 03:16:20 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 03:16:20 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2009-07-14 03:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,977,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2009-07-14 03:16:19 | 000,748,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WlanMM.dll MOD - [2009-07-14 03:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-07-14 03:16:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2009-07-14 03:16:19 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2009-07-14 03:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2009-07-14 03:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 03:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 03:16:18 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2009-07-14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2009-07-14 03:16:18 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2009-07-14 03:16:18 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 03:16:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WcnApi.dll MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 03:16:18 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll MOD - [2009-07-14 03:16:17 | 001,224,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-07-14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-07-14 03:16:17 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 03:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:16 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\twext.dll MOD - [2009-07-14 03:16:15 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2009-07-14 03:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2009-07-14 03:16:15 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2009-07-14 03:16:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2009-07-14 03:16:15 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-07-14 03:16:15 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll MOD - [2009-07-14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009-07-14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2009-07-14 03:16:15 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-07-14 03:16:14 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-07-14 03:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2009-07-14 03:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-07-14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2009-07-14 03:16:13 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sbdrop.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009-07-14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2009-07-14 03:16:13 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-07-14 03:16:12 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-07-14 03:16:12 | 000,845,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RASMM.dll MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-07-14 03:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2009-07-14 03:16:12 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2009-07-14 03:16:12 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll MOD - [2009-07-14 03:16:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-07-14 03:16:12 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osbaseln.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 03:16:03 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2009-07-14 03:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 03:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2009-07-14 03:16:03 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 03:15:52 | 001,386,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2009-07-14 03:15:52 | 001,233,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2009-07-14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:49 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2009-07-14 03:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2009-07-14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2009-07-14 03:15:44 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 03:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2009-07-14 03:15:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2009-07-14 03:15:41 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 03:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpOAV.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-07-14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 03:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2009-07-14 03:15:32 | 000,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2009-07-14 03:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-07-14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2009-07-14 03:15:28 | 010,973,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2009-07-14 03:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2009-07-14 03:15:28 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 03:15:24 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2009-07-14 03:15:24 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HelpPaneProxy.dll MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 03:15:22 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 03:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009-07-14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 03:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2009-07-14 03:15:21 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2009-07-14 03:15:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll MOD - [2009-07-14 03:15:20 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll MOD - [2009-07-14 03:15:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll MOD - [2009-07-14 03:15:20 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdWNet.dll MOD - [2009-07-14 03:15:19 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 03:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 03:15:13 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2009-07-14 03:15:13 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:13 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll MOD - [2009-07-14 03:15:13 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dtsh.dll MOD - [2009-07-14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2009-07-14 03:15:12 | 001,040,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Display.dll MOD - [2009-07-14 03:15:12 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfscli.dll MOD - [2009-07-14 03:15:10 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll MOD - [2009-07-14 03:15:08 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2009-07-14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll MOD - [2009-07-14 03:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2009-07-14 03:15:07 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-07-14 03:15:07 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2009-07-14 03:15:07 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2009-07-14 03:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009-07-14 03:15:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll MOD - [2009-07-14 03:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-07-14 03:14:58 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 03:14:57 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 03:14:52 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2009-07-14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2009-07-14 03:14:51 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll MOD - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2009-07-14 03:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ctfmon.exe MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 03:14:09 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2009-07-14 03:14:08 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2009-07-14 03:14:08 | 000,649,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-07-14 03:14:08 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2009-07-14 03:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009-07-14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll MOD - [2009-06-10 23:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll MOD - [2009-06-10 23:14:54 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-08-04 18:39:04 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-03-01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-08 14:16:00 | 004,562,760 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2012-01-11 16:06:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-03-16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Program Files\IPlayUnlimited\Cabal\Byakko.K32 -- (ByakkoDriver) DRV - [2012-03-01 01:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012-02-15 15:34:51 | 000,097,552 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV - [2012-01-14 10:09:38 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-03-18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-14 00:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2653012 IE - HKCU\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-13 15:49:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-08-04 18:39:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-21 23:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kacper\AppData\Roaming\mozilla\Extensions [2012-08-04 16:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kacper\AppData\Roaming\mozilla\Firefox\Profiles\3fwa50q0.default\extensions [2012-08-04 16:46:09 | 000,000,000 | ---D | M] (stock zoom) -- C:\Users\Kacper\AppData\Roaming\mozilla\Firefox\Profiles\3fwa50q0.default\extensions\istockzoom@kanjar.art.pl [2012-05-21 23:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-08-04 18:39:04 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-04-21 04:18:44 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-21 04:18:44 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-21 04:18:44 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-21 04:18:44 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-21 04:18:44 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-21 04:18:44 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://google.pl/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://google.pl/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Google Update (Enabled) = C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - Extension: Search on YouTube = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bccnhhcaemojkekjficjgjbldobiffjk\1.3.0_0\ CHR - Extension: YouTube = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Dziennik Lekcyjny = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjeiahmgcahgpgpncpkpfndecmnoaij\1_0\ CHR - Extension: Duck Gravity = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.2.0_0\ CHR - Extension: http://192.168.1.100/ = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngfgginkfmnbpghmpdcafomhgdckkjnd\2012.1.24.59693_0\ CHR - Extension: Gmail = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011-01-27 15:00:57 | 000,001,211 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [PC Health Status] C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe () O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com) O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKCU..\Run: [PC Health Status] C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe () O4 - HKCU..\Run: [RGSC] E:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found O4 - HKCU..\Run: [screenSHU] C:\Program Files\screenSHU\screenSHU.exe () O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks) O4 - HKCU..\RunOnce: [036DFF5902C2E1CE0046DEE64F147C45] C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kacper\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B1D4A86-B8A9-4419-AB66-29D4A9B5CD44}: DhcpNameServer = 192.168.1.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E25D65E-3F26-42AA-A675-FDAC002BCC8D}: DhcpNameServer = 192.168.1.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B99CC24A-B193-4649-BCFA-3B601ABA533B}: DhcpNameServer = 192.168.1.100 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{c2816c14-3dda-11e1-8df7-0016e6ddf839}\Shell - "" = AutoRun O33 - MountPoints2\{c2816c14-3dda-11e1-8df7-0016e6ddf839}\Shell\AutoRun\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color] [2012-08-10 19:10:46 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe [2012-08-10 18:54:44 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum [2012-08-10 18:51:36 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45 [2012-08-10 15:01:25 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\Nowy folder [2012-08-08 15:42:34 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\PROJEKT DEWON [2012-08-07 16:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012-08-07 16:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-08-07 16:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012-08-07 16:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-08-07 16:43:19 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-08-07 16:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2012-08-07 16:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012-08-07 16:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2012-08-07 16:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012-08-07 16:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-08-07 16:39:04 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-08-07 14:06:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-08-04 16:51:27 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\stocki [3 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 7 Days ==========[/color] [2012-08-10 19:10:45 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe [2012-08-10 19:00:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-10 19:00:00 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2012-08-10 18:54:43 | 000,062,976 | ---- | M] () -- C:\Users\Kacper\AppData\Roaming\pjqgelin.exe [2012-08-10 18:50:21 | 000,103,936 | ---- | M] () -- C:\Users\Kacper\AppData\Roaming\691E76C7.exe [2012-08-10 18:50:07 | 000,062,976 | ---- | M] () -- C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe [2012-08-10 18:40:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-572751724-1944054612-232048248-1001UA.job [2012-08-10 16:35:48 | 000,006,554 | ---- | M] () -- C:\Users\Kacper\Desktop\Bez-nazwy-1.gif [2012-08-10 15:30:44 | 000,075,256 | ---- | M] () -- C:\Users\Kacper\Desktop\dcf47a36ce56226c99bc91a448b4d5c7.gif [2012-08-10 12:59:02 | 000,048,637 | ---- | M] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.png [2012-08-10 11:40:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-572751724-1944054612-232048248-1001Core.job [2012-08-10 09:30:30 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-10 09:30:30 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-10 00:35:51 | 000,166,896 | ---- | M] () -- C:\Users\Kacper\Desktop\IMG_0130.JPG [2012-08-09 22:11:52 | 000,040,951 | ---- | M] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.jpg [2012-08-09 16:26:53 | 000,001,493 | ---- | M] () -- C:\Users\Kacper\Desktop\PS3.xpaddercontroller [2012-08-09 16:20:39 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-08-09 16:20:39 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-08-09 16:20:39 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-08-09 16:20:39 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-08-09 16:17:38 | 000,000,357 | ---- | M] () -- C:\Users\Kacper\Desktop\My MotioninJoy Virtual Game Controller.xpaddercontroller [2012-08-09 14:57:44 | 006,374,808 | ---- | M] () -- C:\Users\Kacper\Desktop\DEWON.psd [2012-08-09 14:42:52 | 000,002,452 | ---- | M] () -- C:\Users\Kacper\Desktop\Google Chrome.lnk [2012-08-08 10:09:15 | 003,822,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-08-07 21:01:56 | 000,963,488 | ---- | M] () -- C:\Users\Kacper\Desktop\IMG_0223.JPG [2012-08-07 20:56:47 | 001,083,716 | ---- | M] () -- C:\Users\Kacper\Documents\tomek2.ai [2012-08-07 20:53:22 | 001,345,608 | ---- | M] () -- C:\Users\Kacper\Documents\tomek3.ai [2012-08-07 20:12:04 | 005,072,188 | ---- | M] () -- C:\Users\Kacper\Desktop\Logo Design Love (2010).pdf [2012-08-07 20:05:54 | 005,072,188 | ---- | M] () -- C:\Users\Kacper\Desktop\Logo design love.pdf [2012-08-07 17:19:58 | 000,076,800 | ---- | M] () -- C:\Users\Kacper\Desktop\Szablon Edward Siuda.dot [2012-08-07 17:17:37 | 000,050,946 | ---- | M] () -- C:\Users\Kacper\Desktop\Untitled-1.png [2012-08-07 16:55:34 | 000,023,181 | ---- | M] () -- C:\Users\Kacper\Desktop\tomek2.png [2012-08-07 13:04:41 | 000,063,978 | ---- | M] () -- C:\Users\Kacper\Documents\tomek2.png [2012-08-06 14:47:48 | 019,190,333 | ---- | M] () -- C:\Users\Kacper\Documents\malina.ai [2012-08-05 20:57:44 | 001,102,618 | ---- | M] () -- C:\Users\Kacper\Documents\microcod.ai [2012-08-05 19:12:11 | 001,608,889 | ---- | M] () -- C:\Users\Kacper\Documents\tomek.ai [2012-08-04 13:41:21 | 001,203,503 | ---- | M] () -- C:\Users\Kacper\Documents\stalmot.ai [2012-08-03 23:01:42 | 000,122,924 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat [2012-08-03 21:28:22 | 001,444,056 | ---- | M] () -- C:\Users\Kacper\Documents\lew.ai [3 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-10 18:54:43 | 000,062,976 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\pjqgelin.exe [2012-08-10 18:50:21 | 000,103,936 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\691E76C7.exe [2012-08-10 18:50:07 | 000,062,976 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe [2012-08-10 16:35:47 | 000,006,554 | ---- | C] () -- C:\Users\Kacper\Desktop\Bez-nazwy-1.gif [2012-08-10 15:30:48 | 000,075,256 | ---- | C] () -- C:\Users\Kacper\Desktop\dcf47a36ce56226c99bc91a448b4d5c7.gif [2012-08-10 12:59:01 | 000,048,637 | ---- | C] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.png [2012-08-10 00:32:05 | 000,166,896 | ---- | C] () -- C:\Users\Kacper\Desktop\IMG_0130.JPG [2012-08-09 22:11:49 | 000,040,951 | ---- | C] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.jpg [2012-08-09 16:26:53 | 000,001,493 | ---- | C] () -- C:\Users\Kacper\Desktop\PS3.xpaddercontroller [2012-08-09 16:17:38 | 000,000,357 | ---- | C] () -- C:\Users\Kacper\Desktop\My MotioninJoy Virtual Game Controller.xpaddercontroller [2012-08-08 13:22:02 | 006,374,808 | ---- | C] () -- C:\Users\Kacper\Desktop\DEWON.psd [2012-08-07 21:01:34 | 000,963,488 | ---- | C] () -- C:\Users\Kacper\Desktop\IMG_0223.JPG [2012-08-07 20:53:22 | 001,345,608 | ---- | C] () -- C:\Users\Kacper\Documents\tomek3.ai [2012-08-07 20:11:44 | 005,072,188 | ---- | C] () -- C:\Users\Kacper\Desktop\Logo Design Love (2010).pdf [2012-08-07 20:05:23 | 005,072,188 | ---- | C] () -- C:\Users\Kacper\Desktop\Logo design love.pdf [2012-08-07 17:19:57 | 000,076,800 | ---- | C] () -- C:\Users\Kacper\Desktop\Szablon Edward Siuda.dot [2012-08-07 17:17:36 | 000,050,946 | ---- | C] () -- C:\Users\Kacper\Desktop\Untitled-1.png [2012-08-07 16:55:33 | 000,023,181 | ---- | C] () -- C:\Users\Kacper\Desktop\tomek2.png [2012-08-07 13:04:35 | 000,063,978 | ---- | C] () -- C:\Users\Kacper\Documents\tomek2.png [2012-08-05 20:57:42 | 001,102,618 | ---- | C] () -- C:\Users\Kacper\Documents\microcod.ai [2012-08-05 20:31:33 | 001,083,716 | ---- | C] () -- C:\Users\Kacper\Documents\tomek2.ai [2012-08-05 19:12:09 | 001,608,889 | ---- | C] () -- C:\Users\Kacper\Documents\tomek.ai [2012-08-05 15:13:01 | 019,190,333 | ---- | C] () -- C:\Users\Kacper\Documents\malina.ai [2012-08-04 13:41:18 | 001,203,503 | ---- | C] () -- C:\Users\Kacper\Documents\stalmot.ai [2012-06-30 23:10:30 | 000,004,608 | ---- | C] () -- C:\Users\Kacper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-22 16:16:41 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2012-06-19 08:40:51 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\A75CB6EB66.sys [2012-06-18 19:10:17 | 000,003,350 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2012-06-13 22:13:25 | 000,122,924 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2012-04-06 12:08:49 | 000,000,765 | ---- | C] () -- C:\Windows\Rtcw.INI [2012-02-15 15:50:48 | 000,138,536 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012-02-15 15:50:44 | 000,270,408 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2012-02-15 15:50:20 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2012-01-08 12:33:54 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-12-27 20:31:20 | 004,342,784 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll [2011-12-27 20:31:04 | 000,135,680 | ---- | C] () -- C:\Windows\System32\IntelQuickSyncDecoder.dll [2011-12-21 18:10:32 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libbluray.dll [2011-12-21 18:10:26 | 006,266,784 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll [2011-12-21 18:10:26 | 000,977,648 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll [2011-12-21 18:10:26 | 000,353,984 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll [2011-12-21 18:10:26 | 000,202,728 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll [2011-12-21 18:10:26 | 000,127,384 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll [2011-12-20 20:50:04 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-12-20 20:49:56 | 000,099,328 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll [2011-12-20 20:49:54 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll [2011-12-20 20:49:54 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll [2011-12-20 20:49:52 | 001,525,248 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll [2011-12-20 20:49:52 | 000,212,480 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll [2011-12-20 20:49:52 | 000,115,200 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll [2011-12-20 20:49:50 | 000,328,704 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll [2011-12-20 20:49:50 | 000,260,608 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll [2011-12-20 20:49:50 | 000,137,728 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll [2011-10-15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-09-08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll [2011-09-08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll [2011-09-08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll [2011-09-08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll [2011-09-08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe [2011-09-08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll [2011-09-08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe [2011-09-08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe [2011-09-08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2011-09-08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [2011-05-30 15:42:50 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-05-23 09:46:30 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-03-03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll [2011-03-03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll [2011-03-03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll [2010-08-18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini [color=#E56717]========== LOP Check ==========[/color] [2012-07-27 11:26:56 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\.minecraft [2012-07-27 11:41:08 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\.Nitrous [2012-07-21 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Audacity [2012-01-09 23:23:49 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012-01-28 15:55:09 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DAEMON Tools Lite [2012-02-19 23:04:59 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DVDVideoSoft [2012-02-19 23:04:41 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DVDVideoSoftIEHelpers [2012-07-27 17:55:04 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\EurekaLog [2012-04-11 15:03:03 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Gadu-Gadu 10 [2012-04-07 09:16:09 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\GameRanger [2012-02-14 16:00:13 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Macro Recorder [2012-05-02 13:11:04 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\MD5 Checksum Verifier [2012-02-15 15:26:20 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\MotioninJoy [2012-06-13 15:49:39 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\NapiProjekt [2012-01-13 23:49:21 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\OpenFM [2012-03-06 19:06:55 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Opera [2012-02-18 23:19:45 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Origin [2012-06-21 13:57:28 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\redsn0w [2012-03-22 18:28:20 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Rovio [2012-02-15 15:17:57 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Ubisoft [2012-08-10 18:54:31 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\uTorrent [2012-06-29 13:33:11 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2012-01-07 22:07:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-08-24 19:26:36 | 000,633,134 | ---- | M] () -- C:\data1.cab [2011-08-24 19:26:36 | 000,067,249 | ---- | M] () -- C:\data1.hdr [2011-08-24 19:43:18 | 3342,986,474 | ---- | M] () -- C:\data2.cab [2004-10-22 03:16:58 | 000,470,174 | ---- | M] () -- C:\engine32.cab [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007-11-07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007-11-07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007-11-07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2012-04-20 21:55:55 | 000,346,611 | RHS- | M] () -- C:\HFUJR [2012-08-10 19:00:00 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2007-11-07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007-11-07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007-11-07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007-11-07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007-11-07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007-11-07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007-11-07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007-11-07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007-11-07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007-11-07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007-11-07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2012-01-23 15:53:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-20 21:55:55 | 000,000,000 | RHS- | M] () -- C:\kwxq.ld [2011-08-24 19:43:18 | 000,000,455 | ---- | M] () -- C:\layout.bin [2012-01-23 15:53:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-08-10 19:00:01 | 2147,016,704 | -HS- | M] () -- C:\pagefile.sys [2004-10-22 03:16:58 | 000,118,736 | ---- | M] (Macrovision Corporation) -- C:\setup.exe [2011-08-24 19:26:28 | 000,390,503 | ---- | M] () -- C:\setup.ibt [2011-08-24 19:26:28 | 000,000,484 | ---- | M] () -- C:\setup.ini [2011-08-24 19:26:28 | 000,206,045 | ---- | M] () -- C:\setup.inx [2007-11-07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007-11-07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007-11-07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI [3 C:\*.tmp files -> C:\*.tmp -> ] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\Windows.old\Windows\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] extras.txt [log]OTL Extras logfile created on: 2012-08-10 19:13:45 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Kacper\Desktop Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 51,88% Memory free 4,00 Gb Paging File | 3,01 Gb Available in Paging File | 75,34% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 75,13 Gb Total Space | 21,25 Gb Free Space | 28,29% Space Free | Partition Type: NTFS Drive D: | 195,32 Gb Total Space | 44,99 Gb Free Space | 23,03% Space Free | Partition Type: NTFS Drive E: | 195,31 Gb Total Space | 22,43 Gb Free Space | 11,48% Space Free | Partition Type: NTFS Computer Name: ENGINE | User Name: Kacper | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 7 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- "C:\Program Files\Opera\Opera.exe" "%1" [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "AntiVirusDisableNotify" = 1 "AntiVirusOverride" = 1 "FirewallDisableNotify" = 1 "FirewallOverride" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08533C29-F0DF-46CE-A486-BFCE443AF332}" = lport=139 | protocol=6 | dir=in | app=system | "{0FA1B715-646B-4034-BDFF-B0303AD6CF95}" = rport=2869 | protocol=6 | dir=out | app=system | "{144C3547-A4BC-4F9C-9A14-AC96DEED048A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{242EA9E7-B11B-42DA-84C3-EB92E781A5B0}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{35189E4B-B1BA-42AE-A70B-25D610CC3E00}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5161BD66-73DD-45FA-9BCD-C0DD2C45024C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5290C18F-4BA3-46CA-BF3E-BE6DC3EF01A6}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{5A8D8B31-6A60-4338-A8AE-88022E9961B0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5AB404C9-CB88-4CC4-AA25-83C1B1282341}" = lport=445 | protocol=6 | dir=in | app=system | "{688862D8-D380-4A28-8B9B-82B60B66B0A5}" = lport=10243 | protocol=6 | dir=in | app=system | "{68C553B8-27A1-4A2F-BA40-A9608A7212B5}" = rport=139 | protocol=6 | dir=out | app=system | "{725D7773-5C72-40E6-86C9-F1E36ACBBD4A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7D73FAB6-FF93-4B8C-B8C5-E4AEBF05FC14}" = lport=137 | protocol=17 | dir=in | app=system | "{7D82DB94-D704-412F-876E-0DF6FABB9B36}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{824F244E-728F-4E5B-99E6-DC6A33A8B03B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8278C112-88AA-44F2-9DC4-7FF6F8EDF8DE}" = rport=137 | protocol=17 | dir=out | app=system | "{86CA9D3D-7C89-4476-B32A-0085238768BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{98D663C2-DE0D-4202-8440-A7CF3D72D2A2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{9EA0B81A-F218-4065-B201-A6D485E2E449}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B52DE49C-35FB-4C7B-A4D0-C508035D9962}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{BB5982A0-526D-441E-A76E-C0C4B4BB30B9}" = rport=138 | protocol=17 | dir=out | app=system | "{BF04B0B5-D58C-4D6F-BBBE-2D985CA85DC3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D10BE4E8-69DC-4237-AE20-409EFDF2E906}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D4A86D3A-A8C3-4875-B567-8E6BB155A566}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DD56B71B-A776-456A-8BB1-792B78A033D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{DF587F98-A7EB-4D3C-8EA4-13E95149317D}" = lport=2869 | protocol=6 | dir=in | app=system | "{E3D60EC7-6266-4EFA-9E84-21A0917ECD01}" = lport=2869 | protocol=6 | dir=in | app=system | "{F798C174-C04E-428C-8396-3C3F5DE22F95}" = rport=445 | protocol=6 | dir=out | app=system | "{FAB47AED-67F1-4272-8ABE-B87E4E0C9C4A}" = rport=10243 | protocol=6 | dir=out | app=system | "{FC22603E-C67D-4A9D-A3A4-8950FF0B62B7}" = lport=138 | protocol=17 | dir=in | app=system | "{FE21E053-03B1-4548-B6DA-53CF6196B7FB}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0FF64BF6-F017-46FE-9790-E238EED6127F}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{16DDEDD1-00C5-4B76-BDE9-8A22410A8294}" = protocol=6 | dir=in | app=d:\steam\steamapps\556714\counter-strike source\hl2.exe | "{199E1199-78D2-47C9-96DB-05BE018B9D28}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe | "{1BDB68E6-35B1-4940-A7A0-77B9A7068863}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{23245BDD-F4EA-4EA3-AFFF-4C01FB8A0E70}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2A279FFB-1BDC-4839-8F95-FD3512ECC516}" = dir=in | app=c:\program files\itunes\itunes.exe | "{2A66F480-7EE1-4871-AAF5-6F65B0C877E1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{2B358ACD-A89D-44C3-9CFE-1EA05F61D79A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{36DD5031-7068-4F69-9272-2DC8E2BCB2DC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{4076BA05-4CB2-4696-94C0-9B61914A0CF9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "{486F1397-8A58-48D2-92B5-1F0DAC81651E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4E962061-AAFE-4571-AC16-7E855FFF82C8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{50B9B561-0D81-4719-955E-79BAC5B4CA48}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5917F4EC-8A70-4390-A66A-1D346AA3895A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{599F6080-3DF3-42ED-98BF-C3F8197D0757}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe | "{60904DAD-AB2A-4960-951C-1B43080459DA}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{61521C8C-DE72-4E50-9347-E3EF0CD0E2B6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{619AB429-4111-45F6-9470-1653EFD3E497}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{63C32A79-1077-4D01-B041-5DBAC99ED054}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{682E6506-1A1D-40C9-BC70-8FBEA792EFE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6FC5CE93-C19A-4CD0-953C-C17401B59B9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7895E102-C4C0-488D-AF39-2C03DE02C869}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe | "{7CD1F60E-1E86-4F5B-BCEF-419141AAB1AD}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{80D72EE9-221B-40C2-AC02-9349BE2B85D8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{870C0E13-F9EF-448E-A0E0-4965EF637636}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{8D6FBEE2-7CF4-4659-B1FC-1C9471D7CC00}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8F12EA91-DB48-4503-A5E3-2496B9B08B7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{927F5640-4D09-4207-9036-CEE7DA3BF25B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{92C43028-A49E-4CF4-85D5-05ABBB811E87}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{99364421-3C39-452A-858F-96CD6F325657}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{99ACFDFF-9077-43EF-9486-71F3B3976591}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "{A2AA7FE0-4574-4701-A50F-C043B0462D49}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A2D2CC3B-492A-4440-B8DF-FB856FAECC96}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{A906B756-AFE1-426C-9E48-040C44A10EA0}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{B3082408-87F4-4F8A-9A0C-579C9B640076}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{B3DE1FBF-7032-4C58-A547-141A6912EDF5}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{B5C18C6A-F4DD-4C79-AF8D-17773D083F4C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BBA35611-D480-4970-9DC7-FBFAD30039EB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BE25EA6F-D77A-4D0F-8227-C0F13ACBFE1C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BE48B027-9947-4CFF-B397-E4A7EE905357}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{C94D45A4-5D62-4722-B4C9-990D55D113CC}" = protocol=6 | dir=out | app=system | "{D110C923-EBB8-41DD-A97E-EEA7B3FCB3A3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe | "{D5EF3E86-DFD7-4510-B1AF-B423A0D337A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E8EAD654-825B-4220-8F37-3B3D5A988791}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{EA1359F7-B57A-412D-98B9-3D8DA5F5BE7E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EBC914F3-2915-474C-AD80-DAD303EAFC7F}" = protocol=17 | dir=in | app=d:\steam\steamapps\556714\counter-strike source\hl2.exe | "{F6FA303B-F4F5-4E97-A933-3CD8F8B350E5}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "TCP Query User{20163578-272F-473A-8278-8358CE77F47B}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "TCP Query User{35B9FAE0-1D65-4973-9E24-7869E9DA1468}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{417FAE82-BAE8-40F7-86C2-F2CD9413AE5F}E:\program files\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "TCP Query User{45EF7F8D-0876-426D-8D9E-66D902F049DB}E:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe" = protocol=6 | dir=in | app=e:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe | "TCP Query User{73A735AC-44E6-4823-8C94-FB609D942927}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{93D6CCE6-4D96-47D7-95F1-87DFA9EC5FEA}E:\program files\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "TCP Query User{C23CF7F2-9AE0-4ECC-842C-54B7D1435F82}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{DCD30532-6B77-4392-AF78-8DD4A83122C9}E:\program files\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=e:\program files\valve\portal 2\portal2.exe | "TCP Query User{E0DB0F5D-41E5-46BD-96C9-F479B2DA48FD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{E16CC7FA-A67D-4A5C-BDC2-E80D276FD405}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{192C81B0-529F-4DC3-9080-EFB58B786A2C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{509227D2-9E9E-49DA-9645-78665506D7C0}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "UDP Query User{556410DD-EB57-4816-A9AD-C5154D8496EC}E:\program files\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "UDP Query User{99815C54-EA05-4145-A722-2A6C71658BC2}E:\program files\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "UDP Query User{A10B2B4D-210C-4F52-9760-E7CB9CAD2E61}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{B6E83290-6615-49B8-ACD9-2FE535C1857E}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{DA3A6ABE-DA77-4E29-BEEC-FE6DD6399AE1}E:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe" = protocol=17 | dir=in | app=e:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe | "UDP Query User{EC36227E-8ACA-4461-80DB-23118026C2BF}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{EE82F4D5-FDFE-4807-AE5D-A127E4B0FCB4}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{FBBD352A-D8CC-4AB7-9D5E-8448E35603E2}E:\program files\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=e:\program files\valve\portal 2\portal2.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5 "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{23767F5D-A80C-4264-B8EA-ED4085FC332A}" = Adobe Illustrator CS5.1 "{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data "{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA "{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2CA0BED6-1CBA-4BDD-8608-BC9D639EA0F3}" = Twierdza Krzyżowiec Extreme "{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001 "{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect "{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA "{57E3E699-29C7-44F0-B487-7D6162E2A5BF}" = RohanOnline "{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist "{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9E6F8F73-6A33-4F40-A879-71600C1CD2EB}_is1" = EGCabal Online version 2 "{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2) "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5 "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English "{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM "{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant "{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 2.0 "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "CWK" = CWK (Czasowy Wyłącznik Komputera) "DAEMON Tools Lite" = DAEMON Tools Lite "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "FL Studio 10" = FL Studio 10 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228 "Gadu-Gadu 10" = Gadu-Gadu 10 "HD Tune_is1" = HD Tune 2.55 "IL Download Manager" = IL Download Manager "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full) "MD5 Checksum Verifier_is1" = MD5 Checksum Verifier 4.4 "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "NCLauncher_GameForge" = NC Launcher (GameForge) "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Origin" = Origin "Postal 2_is1" = Portal 2 "RealPlayer 15.0" = RealPlayer "Red Alert 2" = Command & Conquer Red Alert 2 "Return to Castle Wolfenstein" = Return to Castle Wolfenstein "Risen 2 Dark Waters_is1" = Risen 2 Dark Waters "Rohan_RBF" = RohanOnline "screenSHU" = screenSHU - the fastest screen capture ever. "SpeedFan" = SpeedFan (remove only) "Spolszczenie do gry Aion Free-To-Play_is1" = Spolszczenie do gry Aion Free-To-Play "SystemRequirementsLab" = System Requirements Lab "uTorrent" = µTorrent "Winamp" = Winamp "Windows 7 - Codec Pack" = Windows 7 Codec Pack 3.6.0 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "Yuri's Revenge" = Command && Conquer Red Alert 2 - Yuri's Revenge [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GameRanger" = GameRanger "Google Chrome" = Google Chrome "Live Security Platinum" = Live Security Platinum [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-29 20:13:03 | Computer Name = Engine | Source = VSS | ID = 8194 Description = Error - 2012-07-31 15:02:06 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: veohwebplayer.exe, wersja: 1.3.8.1112, sygnatura czasowa: 0x4ed38024 Nazwa modułu powodującego błąd: QtCore4.dll, wersja: 4.7.0.0, sygnatura czasowa: 0x4dff2959 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00051ae6 Identyfikator procesu powodującego błąd: 0xcec Godzina uruchomienia aplikacji powodującej błąd: 0x01cd6ef86371dc81 Ścieżka aplikacji powodującej błąd: C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe Ścieżka modułu powodującego błąd: C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll Identyfikator raportu: 381ac1f4-db42-11e1-9923-ba6c4038864e Error - 2012-08-03 04:03:18 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: wmpnetwk.exe, wersja: 12.0.7600.16385, sygnatura czasowa: 0x4a5bccb3 Nazwa modułu powodującego błąd: wmp.dll, wersja: 12.0.7600.16385, sygnatura czasowa: 0x4a5bdb7f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ccf8 Identyfikator procesu powodującego błąd: 0xb94 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd714d3df0df19 Ścieżka aplikacji powodującej błąd: C:\Program Files\Windows Media Player\wmpnetwk.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\wmp.dll Identyfikator raportu: aeb3b012-dd41-11e1-8cdd-830790f1b747 Error - 2012-08-03 04:08:44 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: svchost.exe_NlaSvc, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc100 Nazwa modułu powodującego błąd: nlasvc.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bda7e Kod wyjątku: 0xc0000096 Przesunięcie błędu: 0x00003aa0 Identyfikator procesu powodującego błąd: 0x570 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd714cf381df2b Ścieżka aplikacji powodującej błąd: C:\Windows\system32\svchost.exe Ścieżka modułu powodującego błąd: c:\windows\system32\nlasvc.dll Identyfikator raportu: 70fb3faf-dd42-11e1-8cdd-830790f1b747 Error - 2012-08-03 04:08:44 | Computer Name = Engine | Source = Application Error | ID = 1005 Description = System Windows nie może uzyskać dostępu do pliku z jednej z następujących przyczyn: problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku. System Windows zamknął program Proces hosta dla usług systemu Windows z powodu tego błędu. Program: Proces hosta dla usług systemu Windows Plik: Wartość błędu jest wyświetlona w sekcji Dodatkowe dane. Akcja użytkownika 1. Otwórz plik ponownie. Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu. 2. Jeśli nadal nie można uzyskać dostępu do pliku i - jest w sieci, administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem. - jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera. 3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER. 4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej. 5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu komputerowego, aby uzyskać dalszą pomoc. Dodatkowe dane Wartość błędu: 00000000 Typ dysku: 0 Error - 2012-08-07 07:06:39 | Computer Name = Engine | Source = VSS | ID = 8194 Description = Error - 2012-08-07 08:07:48 | Computer Name = Engine | Source = Windows Search Service | ID = 3007 Description = Error - 2012-08-10 12:58:43 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Nazwa modułu powodującego błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000296f Identyfikator procesu powodującego błąd: 0x91c Godzina uruchomienia aplikacji powodującej błąd: 0x01cd77196524f939 Ścieżka aplikacji powodującej błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Ścieżka modułu powodującego błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Identyfikator raportu: a394b4f0-e30c-11e1-bbb2-c88abb33bb58 Error - 2012-08-10 12:58:52 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Nazwa modułu powodującego błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000296f Identyfikator procesu powodującego błąd: 0x604 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd77196b0ee467 Ścieżka aplikacji powodującej błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Ścieżka modułu powodującego błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Identyfikator raportu: a8e1854c-e30c-11e1-bbb2-c88abb33bb58 Error - 2012-08-10 12:58:54 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Nazwa modułu powodującego błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000296f Identyfikator procesu powodującego błąd: 0x37c Godzina uruchomienia aplikacji powodującej błąd: 0x01cd77196cc4e19a Ścieżka aplikacji powodującej błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Ścieżka modułu powodującego błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Identyfikator raportu: aa97827e-e30c-11e1-bbb2-c88abb33bb58 [ System Events ] Error - 2012-07-27 15:30:37 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-27 18:57:10 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-28 04:41:05 | Computer Name = Engine | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 10:40:05 na ?2012-?07-?28 było nieoczekiwane. Error - 2012-07-28 04:41:09 | Computer Name = ENGINE | Source = BugCheck | ID = 1001 Description = Error - 2012-07-29 04:51:35 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-29 07:23:03 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-29 10:14:07 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-30 02:48:39 | Computer Name = Engine | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi eventlog. Error - 2012-07-30 02:54:59 | Computer Name = Engine | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 08:52:51 na ?2012-?07-?30 było nieoczekiwane. Error - 2012-07-31 14:10:51 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = < End of report > [/log] Dziękuje z góry!
Gość komentarz 10 sierpnia 2012 komentarz 10 sierpnia 2012 1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b] Wklej [code] :OTL O4 - HKCU..\Run: [PC Health Status] C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe () O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [PC Health Status] C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe () O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\RunOnce: [036DFF5902C2E1CE0046DEE64F147C45] C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe () :Files C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\ C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum C:\Users\Kacper\AppData\Roaming\pjqgelin.exe C:\Users\Kacper\AppData\Roaming\691E76C7.exe C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe :Commands [emptytemp] [/code] Kliknij [b]Wykonaj skrypt[/b] Podaj raport z usuwania 2.Po restarcie kliknij [b]Sprzątanie[/b] 3.Wyskanuj system skanerem malwarebytes anti-malware 4.wykonaj na wszelki wypadek skan dostosowany Pobierz system look http://jpshortstuff.247fixes.com/SystemLook.exe i do okienka wklej [code] :reg HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s :filefind services.exe [/code] Kliknij look i dostarcz raport 5.podaj nowy log z otl
legendk komentarz 11 sierpnia 2012 Autor komentarz 11 sierpnia 2012 Dzięki wielkie.. W sumie sam go usunąłem, ale czyszczenie systemu też się bardzo przyda. Raport z usuwania: [log]All processes killed ========== OTL ========== Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Health Status deleted successfully. File C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PC Health Status deleted successfully. File C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\036DFF5902C2E1CE0046DEE64F147C45 not found. File C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe not found. ========== FILES ========== Folder C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45 not found. C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum folder moved successfully. C:\Users\Kacper\AppData\Roaming\pjqgelin.exe moved successfully. C:\Users\Kacper\AppData\Roaming\691E76C7.exe moved successfully. File\Folder C:\Users\Kacper\AppData\Roaming\tcfchmbr.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Kacper ->Temp folder emptied: 635035734 bytes ->Java cache emptied: 1246974 bytes ->FireFox cache emptied: 180621757 bytes ->Google Chrome cache emptied: 244914938 bytes ->Opera cache emptied: 4538614 bytes ->Flash cache emptied: 139754 bytes User: Drugi ->Temp folder emptied: 435802 bytes ->Java cache emptied: 0 bytes ->Opera cache emptied: 54311196 bytes ->Flash cache emptied: 58727 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes %systemdrive% .tmp files removed: 9080 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 6999018 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 1 076,00 mb OTL by OldTimer - Version 3.2.56.0 log created on 08112012_095149 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot... [/log] Logi z OTL: OTL.txt [log]OTL logfile created on: 2012-08-11 10:36:15 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Kacper\Desktop Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,75 Gb Available Physical Memory | 37,52% Memory free 4,00 Gb Paging File | 2,23 Gb Available in Paging File | 55,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 75,13 Gb Total Space | 21,40 Gb Free Space | 28,48% Space Free | Partition Type: NTFS Drive D: | 195,32 Gb Total Space | 44,99 Gb Free Space | 23,03% Space Free | Partition Type: NTFS Drive E: | 195,31 Gb Total Space | 21,74 Gb Free Space | 11,13% Space Free | Partition Type: NTFS Computer Name: ENGINE | User Name: Kacper | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-08-11 10:35:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe PRC - [2012-08-11 10:31:50 | 000,139,264 | ---- | M] () -- C:\Users\Kacper\Desktop\Ściagane\SystemLook.exe PRC - [2012-08-11 09:55:14 | 001,022,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012-08-07 08:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-07-03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-06-07 19:33:22 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2012-06-07 19:33:04 | 000,821,648 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2012-05-24 13:28:56 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2012-04-03 20:45:36 | 002,121,216 | ---- | M] () -- C:\Program Files\screenSHU\screenSHU.exe PRC - [2012-03-03 10:21:36 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2012-03-01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-29 22:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-02-29 22:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2012-02-29 22:53:46 | 000,645,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2012-02-15 15:50:20 | 000,075,136 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2012-02-15 15:34:50 | 000,112,400 | ---- | M] (www.motioninjoy.com) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe PRC - [2012-01-18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2012-01-03 15:10:42 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-01-02 15:24:42 | 004,692,296 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe PRC - [2011-12-09 19:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe PRC - [2011-11-10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2011-08-30 23:05:02 | 000,390,504 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2011-08-26 12:18:02 | 010,828,392 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2009-07-14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 03:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-07-14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\notepad.exe PRC - [2009-07-14 03:14:23 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-07-14 03:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\alg.exe PRC - [2005-08-11 16:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-08-11 10:35:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe MOD - [2012-08-11 10:31:50 | 000,139,264 | ---- | M] () -- C:\Users\Kacper\Desktop\Ściagane\SystemLook.exe MOD - [2012-08-11 09:55:14 | 001,022,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe MOD - [2012-08-07 16:48:07 | 000,159,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806\ATL90.dll MOD - [2012-08-07 08:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\chrome.exe MOD - [2012-08-07 08:43:40 | 000,442,392 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll MOD - [2012-08-07 08:43:39 | 012,235,800 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll MOD - [2012-08-07 08:43:37 | 003,997,720 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll MOD - [2012-08-07 08:42:21 | 000,526,872 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\libglesv2.dll MOD - [2012-08-07 08:42:20 | 000,104,984 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\libegl.dll MOD - [2012-08-07 08:42:19 | 009,962,520 | ---- | M] (The ICU Project) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\icudt.dll MOD - [2012-08-07 08:42:12 | 037,958,680 | ---- | M] (Google Inc.) -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\chrome.dll MOD - [2012-08-07 08:42:09 | 000,144,424 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\avutil-51.dll MOD - [2012-08-07 08:42:08 | 000,266,792 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\avformat-54.dll MOD - [2012-08-07 08:42:07 | 002,480,680 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll MOD - [2012-07-03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe MOD - [2012-07-03 13:46:42 | 000,476,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll MOD - [2012-07-03 13:46:42 | 000,079,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll MOD - [2012-07-02 12:14:28 | 002,167,368 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll MOD - [2012-06-07 19:51:22 | 000,050,064 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.Resources\pl.lproj\iTunesHelperLocalized.dll MOD - [2012-06-07 19:33:22 | 000,421,776 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe MOD - [2012-06-07 19:33:22 | 000,156,560 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.dll MOD - [2012-06-07 19:33:22 | 000,048,528 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll MOD - [2012-05-30 20:06:20 | 002,463,632 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll MOD - [2012-05-24 13:29:06 | 001,370,000 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll MOD - [2012-04-03 20:45:36 | 002,121,216 | ---- | M] () -- C:\Program Files\screenSHU\screenSHU.exe MOD - [2012-03-03 10:21:50 | 000,028,160 | ---- | M] (RealNetworks, Inc.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll MOD - [2012-03-03 10:21:36 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe MOD - [2012-03-01 01:59:00 | 015,009,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll MOD - [2012-03-01 01:59:00 | 007,713,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll MOD - [2012-03-01 01:59:00 | 002,801,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll MOD - [2012-03-01 01:59:00 | 000,981,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll MOD - [2012-03-01 01:59:00 | 000,639,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll MOD - [2012-02-29 22:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe MOD - [2012-02-29 22:55:17 | 003,262,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvui.dll MOD - [2012-02-29 22:53:46 | 000,062,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll MOD - [2012-02-20 21:28:44 | 000,124,776 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll MOD - [2012-02-20 21:28:42 | 000,043,368 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll MOD - [2012-02-20 21:28:36 | 001,075,048 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll MOD - [2012-02-20 21:28:32 | 000,075,624 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll MOD - [2012-02-15 23:40:48 | 006,071,760 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\Flash10l.ocx MOD - [2012-02-15 15:34:50 | 000,112,400 | ---- | M] (www.motioninjoy.com) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe MOD - [2012-02-02 19:27:54 | 002,843,136 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Program Files\screenSHU\QtCore4.dll MOD - [2012-02-02 19:27:44 | 000,276,480 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Program Files\screenSHU\QtSql4.dll MOD - [2012-02-02 19:27:34 | 001,289,728 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Program Files\screenSHU\QtNetwork4.dll MOD - [2012-02-02 19:27:08 | 010,135,040 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Program Files\screenSHU\QtGui4.dll MOD - [2012-02-02 19:26:54 | 000,527,360 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Program Files\screenSHU\sqldrivers\qsqlite4.dll MOD - [2012-02-02 19:26:52 | 000,288,256 | ---- | M] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Program Files\screenSHU\imageformats\qjpeg4.dll MOD - [2012-02-02 19:26:52 | 000,043,008 | ---- | M] () -- C:\Program Files\screenSHU\libgcc_s_dw2-1.dll MOD - [2012-02-02 19:26:52 | 000,011,362 | ---- | M] () -- C:\Program Files\screenSHU\mingwm10.dll MOD - [2012-01-29 16:32:53 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2012-01-18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe MOD - [2012-01-12 23:30:35 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2012-01-12 23:30:35 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2012-01-03 15:10:42 | 000,843,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe MOD - [2012-01-02 15:24:42 | 004,692,296 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe MOD - [2011-12-09 19:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe MOD - [2011-11-10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe MOD - [2011-11-10 11:16:36 | 003,520,320 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\Engine.dll MOD - [2011-11-10 11:16:24 | 003,585,344 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll MOD - [2011-11-09 10:16:16 | 000,382,272 | ---- | M] (DT Soft Ltd.) -- C:\Program Files\DAEMON Tools Lite\imgengine.dll MOD - [2011-11-02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011-11-02 00:26:16 | 000,456,552 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll MOD - [2011-11-02 00:26:14 | 000,053,608 | ---- | M] (Open Source Software community project) -- C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll MOD - [2011-11-02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011-11-02 00:26:12 | 000,923,496 | ---- | M] (The ICU Project) -- C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll MOD - [2011-11-02 00:26:10 | 016,303,976 | ---- | M] (The ICU Project) -- C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll MOD - [2011-11-02 00:26:10 | 001,292,136 | ---- | M] (The ICU Project) -- C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll MOD - [2011-08-30 23:05:04 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dnssd.dll MOD - [2011-08-30 23:05:02 | 000,121,704 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll MOD - [2011-08-26 12:18:02 | 010,828,392 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe MOD - [2011-07-04 19:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\ggsip.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\networkdao.dll MOD - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe MOD - [2011-06-21 15:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll MOD - [2011-06-20 15:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll MOD - [2011-06-20 13:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtScript4.dll MOD - [2011-06-20 13:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\phonon4.dll MOD - [2011-06-20 13:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll MOD - [2011-06-20 13:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll MOD - [2011-05-28 23:04:56 | 000,140,288 | ---- | M] (Alexander Roshal) -- C:\Program Files\WinRAR\RarExt.dll MOD - [2011-05-26 11:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll MOD - [2011-05-26 11:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:46 | 000,327,680 | ---- | M] (http://hunspell.sourceforge.net/) -- C:\Program Files\Gadu-Gadu 10\libhunspell.dll MOD - [2011-02-17 11:00:44 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Gadu-Gadu 10\dbghelp.dll MOD - [2011-02-17 11:00:44 | 000,319,488 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\Gadu-Gadu 10\libcurl.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu 10\libeay32.dll MOD - [2011-02-17 10:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu 10\ssleay32.dll MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll MOD - [2010-06-28 14:21:42 | 001,009,152 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Veoh Networks\VeohWebPlayer\libeay32.dll MOD - [2010-06-28 14:21:42 | 000,188,416 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Veoh Networks\VeohWebPlayer\ssleay32.dll MOD - [2010-05-26 12:41:02 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll MOD - [2010-05-26 12:41:02 | 001,998,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll MOD - [2010-03-25 10:25:22 | 004,222,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL MOD - [2010-03-25 03:46:54 | 008,898,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\1045\GrooveIntlResource.dll MOD - [2010-01-30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010-01-09 21:21:18 | 000,061,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL MOD - [2009-07-14 10:07:18 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-07-14 06:43:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll MOD - [2009-07-14 06:42:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll MOD - [2009-07-14 06:42:55 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\003d2d74243cab7e412d36416bbf0a3d\Accessibility.ni.dll MOD - [2009-07-14 06:42:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll MOD - [2009-07-14 06:42:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll MOD - [2009-07-14 06:42:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll MOD - [2009-07-14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 03:17:51 | 001,286,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2009-07-14 03:16:20 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 03:16:20 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2009-07-14 03:16:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,977,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2009-07-14 03:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2009-07-14 03:16:19 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2009-07-14 03:16:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2009-07-14 03:16:19 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2009-07-14 03:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 03:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 03:16:18 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2009-07-14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2009-07-14 03:16:18 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2009-07-14 03:16:18 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 03:16:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WcnApi.dll MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 03:16:17 | 001,224,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2009-07-14 03:16:17 | 001,123,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2009-07-14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2009-07-14 03:16:17 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 03:16:17 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 03:16:17 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-07-14 03:16:16 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\twext.dll MOD - [2009-07-14 03:16:15 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2009-07-14 03:16:15 | 000,496,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2009-07-14 03:16:15 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2009-07-14 03:16:15 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2009-07-14 03:16:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2009-07-14 03:16:15 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2009-07-14 03:16:15 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll MOD - [2009-07-14 03:16:15 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2009-07-14 03:16:15 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\syncui.dll MOD - [2009-07-14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009-07-14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2009-07-14 03:16:15 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 03:16:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ssdpapi.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2009-07-14 03:16:14 | 001,668,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2009-07-14 03:16:14 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2009-07-14 03:16:14 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2009-07-14 03:16:14 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2009-07-14 03:16:14 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2009-07-14 03:16:14 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009-07-14 03:16:13 | 000,652,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2009-07-14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2009-07-14 03:16:13 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll MOD - [2009-07-14 03:16:13 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sbdrop.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009-07-14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2009-07-14 03:16:13 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2009-07-14 03:16:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009-07-14 03:16:12 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2009-07-14 03:16:12 | 001,412,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2009-07-14 03:16:12 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2009-07-14 03:16:12 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2009-07-14 03:16:12 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2009-07-14 03:16:12 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll MOD - [2009-07-14 03:16:12 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2009-07-14 03:16:12 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2009-07-14 03:16:12 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2009-07-14 03:16:12 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2009-07-14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll MOD - [2009-07-14 03:16:12 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfctrs.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfos.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 03:16:03 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2009-07-14 03:16:03 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 03:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2009-07-14 03:16:03 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009-07-14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 03:15:52 | 001,386,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2009-07-14 03:15:52 | 001,233,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2009-07-14 03:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:49 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-07-14 03:15:46 | 002,134,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll MOD - [2009-07-14 03:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2009-07-14 03:15:44 | 005,957,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2009-07-14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2009-07-14 03:15:44 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:43 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 03:15:42 | 000,481,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 03:15:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2009-07-14 03:15:41 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 03:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpOAV.dll MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll MOD - [2009-07-14 03:15:38 | 003,177,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,857,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2009-07-14 03:15:35 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll MOD - [2009-07-14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 03:15:33 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2009-07-14 03:15:32 | 000,392,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2009-07-14 03:15:32 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2009-07-14 03:15:32 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll MOD - [2009-07-14 03:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2009-07-14 03:15:28 | 010,973,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2009-07-14 03:15:28 | 002,058,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2009-07-14 03:15:28 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 03:15:24 | 000,312,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2009-07-14 03:15:24 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hnetcfg.dll MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 03:15:22 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 03:15:22 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2009-07-14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll MOD - [2009-07-14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 03:15:21 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2009-07-14 03:15:21 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2009-07-14 03:15:21 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll MOD - [2009-07-14 03:15:20 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll MOD - [2009-07-14 03:15:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll MOD - [2009-07-14 03:15:20 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fdWNet.dll MOD - [2009-07-14 03:15:19 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2009-07-14 03:15:19 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\evr.dll MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 03:15:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 03:15:13 | 001,370,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 03:15:13 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 03:15:13 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2009-07-14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll MOD - [2009-07-14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 03:15:13 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2009-07-14 03:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxva2.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:13 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dtsh.dll MOD - [2009-07-14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll MOD - [2009-07-14 03:15:12 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dfscli.dll MOD - [2009-07-14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll MOD - [2009-07-14 03:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddrawex.dll MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-07-14 03:15:08 | 001,826,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll MOD - [2009-07-14 03:15:08 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll MOD - [2009-07-14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll MOD - [2009-07-14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll MOD - [2009-07-14 03:15:07 | 001,151,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2009-07-14 03:15:07 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2009-07-14 03:15:07 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll MOD - [2009-07-14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2009-07-14 03:15:07 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2009-07-14 03:15:07 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2009-07-14 03:15:07 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2009-07-14 03:15:07 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll MOD - [2009-07-14 03:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2009-07-14 03:15:07 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2009-07-14 03:15:07 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009-07-14 03:15:00 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll MOD - [2009-07-14 03:15:00 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll MOD - [2009-07-14 03:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll MOD - [2009-07-14 03:14:58 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 03:14:57 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2009-07-14 03:14:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:53 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2009-07-14 03:14:53 | 000,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 03:14:52 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2009-07-14 03:14:52 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcSpecfc.dll MOD - [2009-07-14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2009-07-14 03:14:51 | 000,559,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2009-07-14 03:14:51 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll MOD - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2009-07-14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\notepad.exe MOD - [2009-07-14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 03:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 03:14:09 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2009-07-14 03:14:08 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2009-07-14 03:14:08 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2009-07-14 03:14:08 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 03:10:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009-07-14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll MOD - [2009-06-10 23:23:23 | 000,278,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll MOD - [2009-06-10 23:23:09 | 005,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2009-06-10 23:23:08 | 000,074,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll MOD - [2009-06-10 23:23:05 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MOD - [2009-06-10 23:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll MOD - [2009-06-10 23:14:54 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcp90.dll MOD - [2005-08-11 16:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-08-04 18:39:04 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-08 14:16:00 | 004,562,760 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc) SRV - [2012-01-11 16:06:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-03-16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Program Files\IPlayUnlimited\Cabal\Byakko.K32 -- (ByakkoDriver) DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-03-01 01:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012-02-15 15:34:51 | 000,097,552 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV - [2012-01-14 10:09:38 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-03-18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan) DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009-07-14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009-07-14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-14 00:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-572751724-1944054612-232048248-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2653012 IE - HKU\S-1-5-21-572751724-1944054612-232048248-1001\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - No CLSID value found IE - HKU\S-1-5-21-572751724-1944054612-232048248-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-572751724-1944054612-232048248-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-572751724-1944054612-232048248-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012 IE - HKU\S-1-5-21-572751724-1944054612-232048248-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-572751724-1944054612-232048248-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-13 15:49:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-08-04 18:39:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-21 23:14:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kacper\AppData\Roaming\mozilla\Extensions [2012-08-04 16:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kacper\AppData\Roaming\mozilla\Firefox\Profiles\3fwa50q0.default\extensions [2012-08-04 16:46:09 | 000,000,000 | ---D | M] (stock zoom) -- C:\Users\Kacper\AppData\Roaming\mozilla\Firefox\Profiles\3fwa50q0.default\extensions\istockzoom@kanjar.art.pl [2012-05-21 23:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-08-04 18:39:04 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-04-21 04:18:44 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-04-21 04:18:44 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-04-21 04:18:44 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-04-21 04:18:44 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-04-21 04:18:44 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-04-21 04:18:44 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://google.pl/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://google.pl/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Disabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Google Update (Enabled) = C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll CHR - Extension: Search on YouTube = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\bccnhhcaemojkekjficjgjbldobiffjk\1.3.0_0\ CHR - Extension: YouTube = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Adblock Plus (Beta) = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\ CHR - Extension: Szukaj w Google = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Dziennik Lekcyjny = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjeiahmgcahgpgpncpkpfndecmnoaij\1_0\ CHR - Extension: Duck Gravity = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpikpdaalmlcipfphefaajfiofglcma\1.2.0_0\ CHR - Extension: http://192.168.1.100/ = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngfgginkfmnbpghmpdcafomhgdckkjnd\2012.1.24.59693_0\ CHR - Extension: Gmail = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2011-01-27 15:00:57 | 000,001,211 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1001..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com) O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1001..\Run: [RGSC] E:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1001..\Run: [screenSHU] C:\Program Files\screenSHU\screenSHU.exe () O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1001..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-572751724-1944054612-232048248-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-572751724-1944054612-232048248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kacper\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B1D4A86-B8A9-4419-AB66-29D4A9B5CD44}: DhcpNameServer = 192.168.1.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E25D65E-3F26-42AA-A675-FDAC002BCC8D}: DhcpNameServer = 192.168.1.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B99CC24A-B193-4649-BCFA-3B601ABA533B}: DhcpNameServer = 192.168.1.100 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{c2816c14-3dda-11e1-8df7-0016e6ddf839}\Shell - "" = AutoRun O33 - MountPoints2\{c2816c14-3dda-11e1-8df7-0016e6ddf839}\Shell\AutoRun\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-08-11 10:35:04 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe [2012-08-11 10:03:46 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Malwarebytes [2012-08-11 10:03:38 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-08-11 10:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-08-11 10:03:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-08-11 10:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-08-10 19:20:57 | 002,691,192 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Kacper\Desktop\iexplore.exe [2012-08-10 15:01:25 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\Nowy folder [2012-08-08 15:42:34 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\PROJEKT DEWON [2012-08-07 16:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012-08-07 16:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-08-07 16:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012-08-07 16:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-08-07 16:43:19 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-08-07 16:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2012-08-07 16:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012-08-07 16:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2012-08-07 16:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012-08-07 16:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-08-07 16:39:04 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-08-07 14:06:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-08-04 16:51:27 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\stocki [2012-07-31 22:56:15 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\SCP-087-B [2012-07-30 02:18:31 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\Activision [2012-07-28 22:57:12 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\MLB [2012-07-27 12:03:27 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\Ultra v08 [2012-07-27 11:41:02 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\.Nitrous [2012-07-27 11:39:28 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\minrecraft [2012-07-27 10:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012-07-27 10:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012-07-27 10:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012-07-27 10:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012-07-21 17:41:52 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Audacity [2012-07-21 17:11:00 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity [2012-07-17 17:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2012-07-01 15:30:05 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\Ściagane [2012-06-23 20:56:57 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012-06-23 20:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan [2012-06-23 20:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan [2012-06-21 08:19:29 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Local\libimobiledevice [2012-06-20 21:15:19 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\redsn0w [2012-06-20 07:42:53 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Desktop\muzy77a [2012-06-20 00:11:20 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\My Palettes [2012-06-20 00:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis [2012-06-20 00:05:09 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\Corel [2012-06-20 00:04:57 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\Visual Studio 2008 [2012-06-20 00:04:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs [2012-06-20 00:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2012-06-20 00:02:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis [2012-06-20 00:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel [2012-06-19 23:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5 [2012-06-18 19:23:44 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Corel [2012-06-18 19:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2012-06-18 19:20:19 | 000,000,000 | ---D | C] -- C:\Program Files\Corel [2012-06-17 14:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EGCabal Online [2012-06-16 09:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-08-11 10:40:02 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-572751724-1944054612-232048248-1001UA.job [2012-08-11 10:36:18 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-11 10:36:18 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-11 10:35:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe [2012-08-11 10:29:14 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2012-08-11 10:29:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-11 10:29:05 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2012-08-11 10:03:38 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-08-11 09:55:39 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-08-11 02:23:44 | 000,202,126 | ---- | M] () -- C:\Users\Kacper\Desktop\yelawolf-radioactive-cover.jpg [2012-08-10 23:44:54 | 000,136,760 | ---- | M] () -- C:\Users\Kacper\Desktop\parias-logo.png [2012-08-10 23:38:03 | 000,155,330 | ---- | M] () -- C:\Users\Kacper\Desktop\Czarna_1.png [2012-08-10 23:31:33 | 001,603,678 | ---- | M] () -- C:\Users\Kacper\Desktop\PARIAS.ai [2012-08-10 19:21:03 | 002,691,192 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Kacper\Desktop\iexplore.exe [2012-08-10 16:35:48 | 000,006,554 | ---- | M] () -- C:\Users\Kacper\Desktop\Bez-nazwy-1.gif [2012-08-10 15:30:44 | 000,075,256 | ---- | M] () -- C:\Users\Kacper\Desktop\dcf47a36ce56226c99bc91a448b4d5c7.gif [2012-08-10 12:59:02 | 000,048,637 | ---- | M] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.png [2012-08-10 11:40:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-572751724-1944054612-232048248-1001Core.job [2012-08-10 00:35:51 | 000,166,896 | ---- | M] () -- C:\Users\Kacper\Desktop\IMG_0130.JPG [2012-08-09 22:11:52 | 000,040,951 | ---- | M] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.jpg [2012-08-09 16:26:53 | 000,001,493 | ---- | M] () -- C:\Users\Kacper\Desktop\PS3.xpaddercontroller [2012-08-09 16:20:39 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-08-09 16:20:39 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-08-09 16:20:39 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-08-09 16:20:39 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-08-09 16:17:38 | 000,000,357 | ---- | M] () -- C:\Users\Kacper\Desktop\My MotioninJoy Virtual Game Controller.xpaddercontroller [2012-08-09 14:57:44 | 006,374,808 | ---- | M] () -- C:\Users\Kacper\Desktop\DEWON.psd [2012-08-09 14:42:52 | 000,002,452 | ---- | M] () -- C:\Users\Kacper\Desktop\Google Chrome.lnk [2012-08-08 10:09:15 | 003,822,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-08-07 21:01:56 | 000,963,488 | ---- | M] () -- C:\Users\Kacper\Desktop\IMG_0223.JPG [2012-08-07 20:56:47 | 001,083,716 | ---- | M] () -- C:\Users\Kacper\Documents\tomek2.ai [2012-08-07 20:53:22 | 001,345,608 | ---- | M] () -- C:\Users\Kacper\Documents\tomek3.ai [2012-08-07 20:12:04 | 005,072,188 | ---- | M] () -- C:\Users\Kacper\Desktop\Logo Design Love (2010).pdf [2012-08-07 20:05:54 | 005,072,188 | ---- | M] () -- C:\Users\Kacper\Desktop\Logo design love.pdf [2012-08-07 17:19:58 | 000,076,800 | ---- | M] () -- C:\Users\Kacper\Desktop\Szablon Edward Siuda.dot [2012-08-07 17:17:37 | 000,050,946 | ---- | M] () -- C:\Users\Kacper\Desktop\Untitled-1.png [2012-08-07 16:55:34 | 000,023,181 | ---- | M] () -- C:\Users\Kacper\Desktop\tomek2.png [2012-08-07 13:04:41 | 000,063,978 | ---- | M] () -- C:\Users\Kacper\Documents\tomek2.png [2012-08-06 14:47:48 | 019,190,333 | ---- | M] () -- C:\Users\Kacper\Documents\malina.ai [2012-08-05 20:57:44 | 001,102,618 | ---- | M] () -- C:\Users\Kacper\Documents\microcod.ai [2012-08-05 19:12:11 | 001,608,889 | ---- | M] () -- C:\Users\Kacper\Documents\tomek.ai [2012-08-04 13:41:21 | 001,203,503 | ---- | M] () -- C:\Users\Kacper\Documents\stalmot.ai [2012-08-03 23:01:42 | 000,122,924 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat [2012-08-03 21:28:22 | 001,444,056 | ---- | M] () -- C:\Users\Kacper\Documents\lew.ai [2012-08-03 11:40:49 | 001,433,600 | ---- | M] () -- C:\Users\Kacper\Documents\babeczka.ai [2012-08-02 19:38:40 | 001,086,084 | ---- | M] () -- C:\Users\Kacper\Documents\ps3hack.ai [2012-08-01 15:54:10 | 001,132,117 | ---- | M] () -- C:\Users\Kacper\Documents\ddas.ai [2012-08-01 01:41:00 | 001,096,605 | ---- | M] () -- C:\Users\Kacper\Documents\damkos.ai [2012-08-01 01:37:02 | 001,368,732 | ---- | M] () -- C:\Users\Kacper\Documents\adsd.ai [2012-07-30 16:20:56 | 001,105,601 | ---- | M] () -- C:\Users\Kacper\Documents\drogi.ai [2012-07-30 09:20:14 | 000,000,671 | ---- | M] () -- C:\Users\Kacper\Desktop\Prototype 2.lnk [2012-07-29 17:48:31 | 001,309,549 | ---- | M] () -- C:\Users\Kacper\Documents\tmc.ai [2012-07-27 10:53:07 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012-07-27 00:38:26 | 001,078,969 | ---- | M] () -- C:\Users\Kacper\Documents\budowlanka2.ai [2012-07-26 20:33:46 | 001,105,989 | ---- | M] () -- C:\Users\Kacper\Documents\LOGO BUDOWLANKA.ai [2012-07-21 17:11:05 | 000,000,965 | ---- | M] () -- C:\Users\Kacper\Desktop\Audacity.lnk [2012-07-19 10:49:25 | 003,187,458 | ---- | M] () -- C:\Users\Kacper\Desktop\Bez nazwy-1.psd [2012-07-18 22:59:01 | 000,940,357 | ---- | M] () -- C:\Users\Kacper\Documents\IMAG1159.jpg [2012-07-18 22:58:02 | 000,393,464 | ---- | M] () -- C:\Users\Kacper\Documents\IMAG1156.jpg [2012-07-18 22:57:39 | 000,000,000 | ---- | M] () -- C:\Windows\System32\IMAG1159.jpg [2012-07-18 22:57:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\IMAG1156.jpg [2012-07-18 22:57:16 | 000,705,816 | ---- | M] () -- C:\Users\Kacper\Documents\IMAG1155.jpg [2012-07-18 22:56:36 | 000,000,000 | ---- | M] () -- C:\Windows\System32\IMAG1155.jpg [2012-07-17 17:25:16 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2012-07-16 19:49:08 | 000,000,684 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2012-07-16 19:49:04 | 000,000,984 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 3.lnk [2012-07-16 19:49:04 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Risen 2 Dark Waters.lnk [2012-07-16 19:49:04 | 000,000,867 | ---- | M] () -- C:\Users\Public\Desktop\Portal 2.lnk [2012-07-16 19:49:04 | 000,000,618 | ---- | M] () -- C:\Users\Public\Desktop\Red Alert 2.lnk [2012-07-16 19:49:03 | 000,000,578 | ---- | M] () -- C:\Users\Public\Desktop\EGCabal Online.lnk [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-07-01 01:33:36 | 000,004,608 | ---- | M] () -- C:\Users\Kacper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-23 20:56:57 | 000,000,965 | ---- | M] () -- C:\Users\Kacper\Desktop\SpeedFan.lnk [2012-06-23 20:56:56 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo [2012-06-22 16:16:41 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat [2012-06-20 22:17:49 | 720,391,327 | ---- | M] () -- C:\Users\Kacper\Desktop\iPhone2,1_5.1.1_9B206_Restore.ipsw [2012-06-19 23:57:30 | 000,003,350 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys [2012-06-19 23:57:28 | 000,000,056 | RHS- | M] () -- C:\Windows\System32\A75CB6EB66.sys [2012-06-19 22:49:10 | 001,055,772 | ---- | M] () -- C:\Windows\System32\ppage.clp [2012-06-19 21:13:20 | 000,048,414 | ---- | M] () -- C:\Windows\FontData.fdb [2012-06-18 23:22:38 | 000,001,150 | ---- | M] () -- C:\Users\Public\Desktop\CWK.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-11 10:03:38 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-08-11 09:55:39 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012-08-11 02:23:59 | 000,202,126 | ---- | C] () -- C:\Users\Kacper\Desktop\yelawolf-radioactive-cover.jpg [2012-08-10 23:44:54 | 000,136,760 | ---- | C] () -- C:\Users\Kacper\Desktop\parias-logo.png [2012-08-10 23:38:09 | 000,155,330 | ---- | C] () -- C:\Users\Kacper\Desktop\Czarna_1.png [2012-08-10 23:31:27 | 001,603,678 | ---- | C] () -- C:\Users\Kacper\Desktop\PARIAS.ai [2012-08-10 16:35:47 | 000,006,554 | ---- | C] () -- C:\Users\Kacper\Desktop\Bez-nazwy-1.gif [2012-08-10 15:30:48 | 000,075,256 | ---- | C] () -- C:\Users\Kacper\Desktop\dcf47a36ce56226c99bc91a448b4d5c7.gif [2012-08-10 12:59:01 | 000,048,637 | ---- | C] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.png [2012-08-10 00:32:05 | 000,166,896 | ---- | C] () -- C:\Users\Kacper\Desktop\IMG_0130.JPG [2012-08-09 22:11:49 | 000,040,951 | ---- | C] () -- C:\Users\Kacper\Desktop\Bez nazwy-3.jpg [2012-08-09 16:26:53 | 000,001,493 | ---- | C] () -- C:\Users\Kacper\Desktop\PS3.xpaddercontroller [2012-08-09 16:17:38 | 000,000,357 | ---- | C] () -- C:\Users\Kacper\Desktop\My MotioninJoy Virtual Game Controller.xpaddercontroller [2012-08-08 13:22:02 | 006,374,808 | ---- | C] () -- C:\Users\Kacper\Desktop\DEWON.psd [2012-08-07 21:01:34 | 000,963,488 | ---- | C] () -- C:\Users\Kacper\Desktop\IMG_0223.JPG [2012-08-07 20:53:22 | 001,345,608 | ---- | C] () -- C:\Users\Kacper\Documents\tomek3.ai [2012-08-07 20:11:44 | 005,072,188 | ---- | C] () -- C:\Users\Kacper\Desktop\Logo Design Love (2010).pdf [2012-08-07 20:05:23 | 005,072,188 | ---- | C] () -- C:\Users\Kacper\Desktop\Logo design love.pdf [2012-08-07 17:19:57 | 000,076,800 | ---- | C] () -- C:\Users\Kacper\Desktop\Szablon Edward Siuda.dot [2012-08-07 17:17:36 | 000,050,946 | ---- | C] () -- C:\Users\Kacper\Desktop\Untitled-1.png [2012-08-07 16:55:33 | 000,023,181 | ---- | C] () -- C:\Users\Kacper\Desktop\tomek2.png [2012-08-07 13:04:35 | 000,063,978 | ---- | C] () -- C:\Users\Kacper\Documents\tomek2.png [2012-08-05 20:57:42 | 001,102,618 | ---- | C] () -- C:\Users\Kacper\Documents\microcod.ai [2012-08-05 20:31:33 | 001,083,716 | ---- | C] () -- C:\Users\Kacper\Documents\tomek2.ai [2012-08-05 19:12:09 | 001,608,889 | ---- | C] () -- C:\Users\Kacper\Documents\tomek.ai [2012-08-05 15:13:01 | 019,190,333 | ---- | C] () -- C:\Users\Kacper\Documents\malina.ai [2012-08-04 13:41:18 | 001,203,503 | ---- | C] () -- C:\Users\Kacper\Documents\stalmot.ai [2012-08-03 17:53:06 | 001,444,056 | ---- | C] () -- C:\Users\Kacper\Documents\lew.ai [2012-08-02 19:38:37 | 001,086,084 | ---- | C] () -- C:\Users\Kacper\Documents\ps3hack.ai [2012-08-01 13:01:35 | 001,132,117 | ---- | C] () -- C:\Users\Kacper\Documents\ddas.ai [2012-08-01 01:40:59 | 001,096,605 | ---- | C] () -- C:\Users\Kacper\Documents\damkos.ai [2012-07-30 22:29:34 | 001,433,600 | ---- | C] () -- C:\Users\Kacper\Documents\babeczka.ai [2012-07-30 16:20:54 | 001,105,601 | ---- | C] () -- C:\Users\Kacper\Documents\drogi.ai [2012-07-30 09:20:14 | 000,000,671 | ---- | C] () -- C:\Users\Kacper\Desktop\Prototype 2.lnk [2012-07-29 17:48:29 | 001,309,549 | ---- | C] () -- C:\Users\Kacper\Documents\tmc.ai [2012-07-27 10:53:07 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012-07-27 00:38:24 | 001,078,969 | ---- | C] () -- C:\Users\Kacper\Documents\budowlanka2.ai [2012-07-26 16:13:18 | 001,105,989 | ---- | C] () -- C:\Users\Kacper\Documents\LOGO BUDOWLANKA.ai [2012-07-21 17:11:05 | 000,000,977 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [2012-07-21 17:11:05 | 000,000,965 | ---- | C] () -- C:\Users\Kacper\Desktop\Audacity.lnk [2012-07-19 10:49:24 | 003,187,458 | ---- | C] () -- C:\Users\Kacper\Desktop\Bez nazwy-1.psd [2012-07-18 22:57:44 | 000,940,357 | ---- | C] () -- C:\Users\Kacper\Documents\IMAG1159.jpg [2012-07-18 22:57:39 | 000,000,000 | ---- | C] () -- C:\Windows\System32\IMAG1159.jpg [2012-07-18 22:57:34 | 000,393,464 | ---- | C] () -- C:\Users\Kacper\Documents\IMAG1156.jpg [2012-07-18 22:57:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\IMAG1156.jpg [2012-07-18 22:56:38 | 000,705,816 | ---- | C] () -- C:\Users\Kacper\Documents\IMAG1155.jpg [2012-07-18 22:56:36 | 000,000,000 | ---- | C] () -- C:\Windows\System32\IMAG1155.jpg [2012-06-30 23:10:30 | 000,004,608 | ---- | C] () -- C:\Users\Kacper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-23 20:56:57 | 000,000,965 | ---- | C] () -- C:\Users\Kacper\Desktop\SpeedFan.lnk [2012-06-23 20:56:56 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo [2012-06-22 16:16:41 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2012-06-20 22:01:33 | 720,391,327 | ---- | C] () -- C:\Users\Kacper\Desktop\iPhone2,1_5.1.1_9B206_Restore.ipsw [2012-06-19 22:21:39 | 001,055,772 | ---- | C] () -- C:\Windows\System32\ppage.clp [2012-06-19 21:13:18 | 000,048,414 | ---- | C] () -- C:\Windows\FontData.fdb [2012-06-19 08:40:51 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\A75CB6EB66.sys [2012-06-18 19:10:17 | 000,003,350 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2012-06-17 14:39:42 | 000,000,578 | ---- | C] () -- C:\Users\Public\Desktop\EGCabal Online.lnk [2012-06-13 22:13:25 | 000,122,924 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2012-04-06 12:08:49 | 000,000,765 | ---- | C] () -- C:\Windows\Rtcw.INI [2012-02-15 15:50:48 | 000,138,536 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012-02-15 15:50:44 | 000,270,408 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2012-02-15 15:50:20 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2012-01-08 12:33:54 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-12-27 20:31:20 | 004,342,784 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll [2011-12-27 20:31:04 | 000,135,680 | ---- | C] () -- C:\Windows\System32\IntelQuickSyncDecoder.dll [2011-12-21 18:10:32 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libbluray.dll [2011-12-21 18:10:26 | 006,266,784 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll [2011-12-21 18:10:26 | 000,977,648 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll [2011-12-21 18:10:26 | 000,353,984 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll [2011-12-21 18:10:26 | 000,202,728 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll [2011-12-21 18:10:26 | 000,127,384 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll [2011-12-20 20:50:04 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-12-20 20:49:56 | 000,099,328 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll [2011-12-20 20:49:54 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll [2011-12-20 20:49:54 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll [2011-12-20 20:49:52 | 001,525,248 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll [2011-12-20 20:49:52 | 000,212,480 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll [2011-12-20 20:49:52 | 000,115,200 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll [2011-12-20 20:49:50 | 000,328,704 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll [2011-12-20 20:49:50 | 000,260,608 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll [2011-12-20 20:49:50 | 000,137,728 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll [2011-10-15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-09-08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll [2011-09-08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll [2011-09-08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll [2011-09-08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll [2011-09-08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe [2011-09-08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll [2011-09-08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe [2011-09-08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe [2011-09-08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2011-09-08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [2011-05-30 15:42:50 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-05-23 09:46:30 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-03-03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll [2011-03-03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll [2011-03-03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll [2010-08-18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini [color=#E56717]========== LOP Check ==========[/color] [2012-07-27 11:26:56 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\.minecraft [2012-07-27 11:41:08 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\.Nitrous [2012-07-21 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Audacity [2012-01-09 23:23:49 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012-01-28 15:55:09 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DAEMON Tools Lite [2012-02-19 23:04:59 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DVDVideoSoft [2012-02-19 23:04:41 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\DVDVideoSoftIEHelpers [2012-07-27 17:55:04 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\EurekaLog [2012-04-11 15:03:03 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Gadu-Gadu 10 [2012-04-07 09:16:09 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\GameRanger [2012-02-14 16:00:13 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Macro Recorder [2012-05-02 13:11:04 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\MD5 Checksum Verifier [2012-02-15 15:26:20 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\MotioninJoy [2012-06-13 15:49:39 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\NapiProjekt [2012-01-13 23:49:21 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\OpenFM [2012-03-06 19:06:55 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Opera [2012-02-18 23:19:45 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Origin [2012-06-21 13:57:28 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\redsn0w [2012-03-22 18:28:20 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Rovio [2012-02-15 15:17:57 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Ubisoft [2012-08-11 10:42:40 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\uTorrent [2012-07-01 01:32:50 | 000,000,000 | ---D | M] -- C:\Users\Mamusia\AppData\Roaming\Gadu-Gadu 10 [2012-06-30 18:04:40 | 000,000,000 | ---D | M] -- C:\Users\Mamusia\AppData\Roaming\Opera [2012-06-29 13:33:11 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-07-14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2012-01-07 22:07:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-08-24 19:26:36 | 000,633,134 | ---- | M] () -- C:\data1.cab [2011-08-24 19:26:36 | 000,067,249 | ---- | M] () -- C:\data1.hdr [2011-08-24 19:43:18 | 3342,986,474 | ---- | M] () -- C:\data2.cab [2004-10-22 03:16:58 | 000,470,174 | ---- | M] () -- C:\engine32.cab [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007-11-07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007-11-07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007-11-07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007-11-07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2012-04-20 21:55:55 | 000,346,611 | RHS- | M] () -- C:\HFUJR [2012-08-11 10:29:05 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2007-11-07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe [2007-11-07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007-11-07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007-11-07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007-11-07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007-11-07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007-11-07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007-11-07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007-11-07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007-11-07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007-11-07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2012-01-23 15:53:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012-04-20 21:55:55 | 000,000,000 | RHS- | M] () -- C:\kwxq.ld [2011-08-24 19:43:18 | 000,000,455 | ---- | M] () -- C:\layout.bin [2012-01-23 15:53:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012-08-11 10:29:07 | 2147,016,704 | -HS- | M] () -- C:\pagefile.sys [2004-10-22 03:16:58 | 000,118,736 | ---- | M] (Macrovision Corporation) -- C:\setup.exe [2011-08-24 19:26:28 | 000,390,503 | ---- | M] () -- C:\setup.ibt [2011-08-24 19:26:28 | 000,000,484 | ---- | M] () -- C:\setup.ini [2011-08-24 19:26:28 | 000,206,045 | ---- | M] () -- C:\setup.inx [2007-11-07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007-11-07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab [2007-11-07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [2001-08-17 22:47:36 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\Windows.old\Windows\system32\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2012-07-03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] Extras.txt [log]OTL Extras logfile created on: 2012-08-11 10:36:15 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Kacper\Desktop Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,75 Gb Available Physical Memory | 37,52% Memory free 4,00 Gb Paging File | 2,23 Gb Available in Paging File | 55,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 75,13 Gb Total Space | 21,40 Gb Free Space | 28,48% Space Free | Partition Type: NTFS Drive D: | 195,32 Gb Total Space | 44,99 Gb Free Space | 23,03% Space Free | Partition Type: NTFS Drive E: | 195,31 Gb Total Space | 21,74 Gb Free Space | 11,13% Space Free | Partition Type: NTFS Computer Name: ENGINE | User Name: Kacper | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- "C:\Program Files\Opera\Opera.exe" "%1" [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "AntiVirusDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallDisableNotify" = 0 "FirewallOverride" = 1 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08533C29-F0DF-46CE-A486-BFCE443AF332}" = lport=139 | protocol=6 | dir=in | app=system | "{0FA1B715-646B-4034-BDFF-B0303AD6CF95}" = rport=2869 | protocol=6 | dir=out | app=system | "{144C3547-A4BC-4F9C-9A14-AC96DEED048A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{242EA9E7-B11B-42DA-84C3-EB92E781A5B0}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{35189E4B-B1BA-42AE-A70B-25D610CC3E00}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5161BD66-73DD-45FA-9BCD-C0DD2C45024C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5290C18F-4BA3-46CA-BF3E-BE6DC3EF01A6}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{5A8D8B31-6A60-4338-A8AE-88022E9961B0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5AB404C9-CB88-4CC4-AA25-83C1B1282341}" = lport=445 | protocol=6 | dir=in | app=system | "{688862D8-D380-4A28-8B9B-82B60B66B0A5}" = lport=10243 | protocol=6 | dir=in | app=system | "{68C553B8-27A1-4A2F-BA40-A9608A7212B5}" = rport=139 | protocol=6 | dir=out | app=system | "{725D7773-5C72-40E6-86C9-F1E36ACBBD4A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7D73FAB6-FF93-4B8C-B8C5-E4AEBF05FC14}" = lport=137 | protocol=17 | dir=in | app=system | "{7D82DB94-D704-412F-876E-0DF6FABB9B36}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{824F244E-728F-4E5B-99E6-DC6A33A8B03B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8278C112-88AA-44F2-9DC4-7FF6F8EDF8DE}" = rport=137 | protocol=17 | dir=out | app=system | "{86CA9D3D-7C89-4476-B32A-0085238768BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{98D663C2-DE0D-4202-8440-A7CF3D72D2A2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{9EA0B81A-F218-4065-B201-A6D485E2E449}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B52DE49C-35FB-4C7B-A4D0-C508035D9962}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{BB5982A0-526D-441E-A76E-C0C4B4BB30B9}" = rport=138 | protocol=17 | dir=out | app=system | "{BF04B0B5-D58C-4D6F-BBBE-2D985CA85DC3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D10BE4E8-69DC-4237-AE20-409EFDF2E906}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D4A86D3A-A8C3-4875-B567-8E6BB155A566}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{DD56B71B-A776-456A-8BB1-792B78A033D3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{DF587F98-A7EB-4D3C-8EA4-13E95149317D}" = lport=2869 | protocol=6 | dir=in | app=system | "{E3D60EC7-6266-4EFA-9E84-21A0917ECD01}" = lport=2869 | protocol=6 | dir=in | app=system | "{F798C174-C04E-428C-8396-3C3F5DE22F95}" = rport=445 | protocol=6 | dir=out | app=system | "{FAB47AED-67F1-4272-8ABE-B87E4E0C9C4A}" = rport=10243 | protocol=6 | dir=out | app=system | "{FC22603E-C67D-4A9D-A3A4-8950FF0B62B7}" = lport=138 | protocol=17 | dir=in | app=system | "{FE21E053-03B1-4548-B6DA-53CF6196B7FB}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0FF64BF6-F017-46FE-9790-E238EED6127F}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{16DDEDD1-00C5-4B76-BDE9-8A22410A8294}" = protocol=6 | dir=in | app=d:\steam\steamapps\556714\counter-strike source\hl2.exe | "{199E1199-78D2-47C9-96DB-05BE018B9D28}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe | "{1BDB68E6-35B1-4940-A7A0-77B9A7068863}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{23245BDD-F4EA-4EA3-AFFF-4C01FB8A0E70}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2A279FFB-1BDC-4839-8F95-FD3512ECC516}" = dir=in | app=c:\program files\itunes\itunes.exe | "{2A66F480-7EE1-4871-AAF5-6F65B0C877E1}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{2B358ACD-A89D-44C3-9CFE-1EA05F61D79A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{36DD5031-7068-4F69-9272-2DC8E2BCB2DC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{4076BA05-4CB2-4696-94C0-9B61914A0CF9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "{486F1397-8A58-48D2-92B5-1F0DAC81651E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4E962061-AAFE-4571-AC16-7E855FFF82C8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | "{50B9B561-0D81-4719-955E-79BAC5B4CA48}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5917F4EC-8A70-4390-A66A-1D346AA3895A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe | "{599F6080-3DF3-42ED-98BF-C3F8197D0757}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe | "{60904DAD-AB2A-4960-951C-1B43080459DA}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{61521C8C-DE72-4E50-9347-E3EF0CD0E2B6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{619AB429-4111-45F6-9470-1653EFD3E497}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{63C32A79-1077-4D01-B041-5DBAC99ED054}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{682E6506-1A1D-40C9-BC70-8FBEA792EFE9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{6FC5CE93-C19A-4CD0-953C-C17401B59B9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7895E102-C4C0-488D-AF39-2C03DE02C869}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe | "{7CD1F60E-1E86-4F5B-BCEF-419141AAB1AD}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{80D72EE9-221B-40C2-AC02-9349BE2B85D8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{870C0E13-F9EF-448E-A0E0-4965EF637636}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{8D6FBEE2-7CF4-4659-B1FC-1C9471D7CC00}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8F12EA91-DB48-4503-A5E3-2496B9B08B7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{927F5640-4D09-4207-9036-CEE7DA3BF25B}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{92C43028-A49E-4CF4-85D5-05ABBB811E87}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{99364421-3C39-452A-858F-96CD6F325657}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "{99ACFDFF-9077-43EF-9486-71F3B3976591}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | "{A2AA7FE0-4574-4701-A50F-C043B0462D49}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A2D2CC3B-492A-4440-B8DF-FB856FAECC96}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{A906B756-AFE1-426C-9E48-040C44A10EA0}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | "{B3082408-87F4-4F8A-9A0C-579C9B640076}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{B3DE1FBF-7032-4C58-A547-141A6912EDF5}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{B5C18C6A-F4DD-4C79-AF8D-17773D083F4C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BBA35611-D480-4970-9DC7-FBFAD30039EB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{BE25EA6F-D77A-4D0F-8227-C0F13ACBFE1C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BE48B027-9947-4CFF-B397-E4A7EE905357}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | "{C94D45A4-5D62-4722-B4C9-990D55D113CC}" = protocol=6 | dir=out | app=system | "{D110C923-EBB8-41DD-A97E-EEA7B3FCB3A3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe | "{D5EF3E86-DFD7-4510-B1AF-B423A0D337A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E8EAD654-825B-4220-8F37-3B3D5A988791}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | "{EA1359F7-B57A-412D-98B9-3D8DA5F5BE7E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EBC914F3-2915-474C-AD80-DAD303EAFC7F}" = protocol=17 | dir=in | app=d:\steam\steamapps\556714\counter-strike source\hl2.exe | "{F6FA303B-F4F5-4E97-A933-3CD8F8B350E5}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | "TCP Query User{20163578-272F-473A-8278-8358CE77F47B}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "TCP Query User{35B9FAE0-1D65-4973-9E24-7869E9DA1468}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{417FAE82-BAE8-40F7-86C2-F2CD9413AE5F}E:\program files\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "TCP Query User{45EF7F8D-0876-426D-8D9E-66D902F049DB}E:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe" = protocol=6 | dir=in | app=e:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe | "TCP Query User{73A735AC-44E6-4823-8C94-FB609D942927}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{93D6CCE6-4D96-47D7-95F1-87DFA9EC5FEA}E:\program files\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "TCP Query User{C23CF7F2-9AE0-4ECC-842C-54B7D1435F82}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{DCD30532-6B77-4392-AF78-8DD4A83122C9}E:\program files\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=e:\program files\valve\portal 2\portal2.exe | "TCP Query User{E0DB0F5D-41E5-46BD-96C9-F479B2DA48FD}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "TCP Query User{E16CC7FA-A67D-4A5C-BDC2-E80D276FD405}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{192C81B0-529F-4DC3-9080-EFB58B786A2C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{509227D2-9E9E-49DA-9645-78665506D7C0}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe | "UDP Query User{556410DD-EB57-4816-A9AD-C5154D8496EC}E:\program files\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "UDP Query User{99815C54-EA05-4145-A722-2A6C71658BC2}E:\program files\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=e:\program files\prototype 2\prototype2.exe | "UDP Query User{A10B2B4D-210C-4F52-9760-E7CB9CAD2E61}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{B6E83290-6615-49B8-ACD9-2FE535C1857E}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{DA3A6ABE-DA77-4E29-BEEC-FE6DD6399AE1}E:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe" = protocol=17 | dir=in | app=e:\borderlands(direct play with all 4 dlc's)\binaries\borderlands.exe | "UDP Query User{EC36227E-8ACA-4461-80DB-23118026C2BF}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{EE82F4D5-FDFE-4807-AE5D-A127E4B0FCB4}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe | "UDP Query User{FBBD352A-D8CC-4AB7-9D5E-8448E35603E2}E:\program files\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=e:\program files\valve\portal 2\portal2.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5 "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{23767F5D-A80C-4264-B8EA-ED4085FC332A}" = Adobe Illustrator CS5.1 "{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data "{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA "{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{2CA0BED6-1CBA-4BDD-8608-BC9D639EA0F3}" = Twierdza Krzyżowiec Extreme "{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001 "{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect "{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA "{57E3E699-29C7-44F0-B487-7D6162E2A5BF}" = RohanOnline "{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist "{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9E6F8F73-6A33-4F40-A879-71600C1CD2EB}_is1" = EGCabal Online version 2 "{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2) "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5 "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86 "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English "{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX "{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM "{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant "{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 2.0 "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "CWK" = CWK (Czasowy Wyłącznik Komputera) "DAEMON Tools Lite" = DAEMON Tools Lite "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "FL Studio 10" = FL Studio 10 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228 "Gadu-Gadu 10" = Gadu-Gadu 10 "HD Tune_is1" = HD Tune 2.55 "IL Download Manager" = IL Download Manager "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300 "MD5 Checksum Verifier_is1" = MD5 Checksum Verifier 4.4 "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "NCLauncher_GameForge" = NC Launcher (GameForge) "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Origin" = Origin "Postal 2_is1" = Portal 2 "RealPlayer 15.0" = RealPlayer "Red Alert 2" = Command & Conquer Red Alert 2 "Return to Castle Wolfenstein" = Return to Castle Wolfenstein "Risen 2 Dark Waters_is1" = Risen 2 Dark Waters "Rohan_RBF" = RohanOnline "screenSHU" = screenSHU - the fastest screen capture ever. "SpeedFan" = SpeedFan (remove only) "Spolszczenie do gry Aion Free-To-Play_is1" = Spolszczenie do gry Aion Free-To-Play "SystemRequirementsLab" = System Requirements Lab "uTorrent" = µTorrent "Winamp" = Winamp "Windows 7 - Codec Pack" = Windows 7 Codec Pack 3.6.0 "WinRAR archiver" = WinRAR 4.01 (32-bitowy) "Yuri's Revenge" = Command && Conquer Red Alert 2 - Yuri's Revenge [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-572751724-1944054612-232048248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GameRanger" = GameRanger "Google Chrome" = Google Chrome [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-07-29 20:13:03 | Computer Name = Engine | Source = VSS | ID = 8194 Description = Error - 2012-07-31 15:02:06 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: veohwebplayer.exe, wersja: 1.3.8.1112, sygnatura czasowa: 0x4ed38024 Nazwa modułu powodującego błąd: QtCore4.dll, wersja: 4.7.0.0, sygnatura czasowa: 0x4dff2959 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00051ae6 Identyfikator procesu powodującego błąd: 0xcec Godzina uruchomienia aplikacji powodującej błąd: 0x01cd6ef86371dc81 Ścieżka aplikacji powodującej błąd: C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe Ścieżka modułu powodującego błąd: C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll Identyfikator raportu: 381ac1f4-db42-11e1-9923-ba6c4038864e Error - 2012-08-03 04:03:18 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: wmpnetwk.exe, wersja: 12.0.7600.16385, sygnatura czasowa: 0x4a5bccb3 Nazwa modułu powodującego błąd: wmp.dll, wersja: 12.0.7600.16385, sygnatura czasowa: 0x4a5bdb7f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000ccf8 Identyfikator procesu powodującego błąd: 0xb94 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd714d3df0df19 Ścieżka aplikacji powodującej błąd: C:\Program Files\Windows Media Player\wmpnetwk.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\wmp.dll Identyfikator raportu: aeb3b012-dd41-11e1-8cdd-830790f1b747 Error - 2012-08-03 04:08:44 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: svchost.exe_NlaSvc, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc100 Nazwa modułu powodującego błąd: nlasvc.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bda7e Kod wyjątku: 0xc0000096 Przesunięcie błędu: 0x00003aa0 Identyfikator procesu powodującego błąd: 0x570 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd714cf381df2b Ścieżka aplikacji powodującej błąd: C:\Windows\system32\svchost.exe Ścieżka modułu powodującego błąd: c:\windows\system32\nlasvc.dll Identyfikator raportu: 70fb3faf-dd42-11e1-8cdd-830790f1b747 Error - 2012-08-03 04:08:44 | Computer Name = Engine | Source = Application Error | ID = 1005 Description = System Windows nie może uzyskać dostępu do pliku z jednej z następujących przyczyn: problem z połączeniem sieciowym; problem z dyskiem, na którym jest przechowywany plik; problem ze sterownikami magazynu zainstalowanymi na tym komputerze; brak dysku. System Windows zamknął program Proces hosta dla usług systemu Windows z powodu tego błędu. Program: Proces hosta dla usług systemu Windows Plik: Wartość błędu jest wyświetlona w sekcji Dodatkowe dane. Akcja użytkownika 1. Otwórz plik ponownie. Ta sytuacja może być przejściowym problemem, który sam się rozwiąże po ponownym uruchomieniu programu. 2. Jeśli nadal nie można uzyskać dostępu do pliku i - jest w sieci, administrator sieci powinien sprawdzić, czy nie ma problemu z siecią i czy można skontaktować się z serwerem. - jest na dysku wymiennym, na przykład dyskietce lub dysku CD-ROM, sprawdź, czy cały dysk jest włożony do komputera. 3. Sprawdź i napraw system plików, uruchamiając program CHKDSK. Aby uruchomić program CHKDSK, kliknij przycisk Start, kliknij polecenie Uruchom, wpisz polecenie CMD, a następnie kliknij przycisk OK. W wierszu polecenia wpisz polecenie CHKDSK /F, a następnie naciśnij klawisz ENTER. 4. Jeżeli problem nie ustąpi, przywróć plik z kopii zapasowej. 5. Ustal, czy można otworzyć inne pliki na tym samym dysku. Jeśli nie, dysk może być uszkodzony. Jeśli jest to dysk twardy, skontaktuj się z administratorem komputera lub dostawcą sprzętu komputerowego, aby uzyskać dalszą pomoc. Dodatkowe dane Wartość błędu: 00000000 Typ dysku: 0 Error - 2012-08-07 07:06:39 | Computer Name = Engine | Source = VSS | ID = 8194 Description = Error - 2012-08-07 08:07:48 | Computer Name = Engine | Source = Windows Search Service | ID = 3007 Description = Error - 2012-08-10 12:58:43 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Nazwa modułu powodującego błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000296f Identyfikator procesu powodującego błąd: 0x91c Godzina uruchomienia aplikacji powodującej błąd: 0x01cd77196524f939 Ścieżka aplikacji powodującej błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Ścieżka modułu powodującego błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Identyfikator raportu: a394b4f0-e30c-11e1-bbb2-c88abb33bb58 Error - 2012-08-10 12:58:52 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Nazwa modułu powodującego błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000296f Identyfikator procesu powodującego błąd: 0x604 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd77196b0ee467 Ścieżka aplikacji powodującej błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Ścieżka modułu powodującego błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Identyfikator raportu: a8e1854c-e30c-11e1-bbb2-c88abb33bb58 Error - 2012-08-10 12:58:54 | Computer Name = Engine | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Nazwa modułu powodującego błąd: 036DFF5902C2E1CE0046DEE64F147C45.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fff7bd7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000296f Identyfikator procesu powodującego błąd: 0x37c Godzina uruchomienia aplikacji powodującej błąd: 0x01cd77196cc4e19a Ścieżka aplikacji powodującej błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Ścieżka modułu powodującego błąd: C:\ProgramData\036DFF5902C2E1CE0046DEE64F147C45\036DFF5902C2E1CE0046DEE64F147C45.exe Identyfikator raportu: aa97827e-e30c-11e1-bbb2-c88abb33bb58 [ System Events ] Error - 2012-07-27 15:30:37 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-27 18:57:10 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-28 04:41:05 | Computer Name = Engine | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 10:40:05 na ?2012-?07-?28 było nieoczekiwane. Error - 2012-07-28 04:41:09 | Computer Name = ENGINE | Source = BugCheck | ID = 1001 Description = Error - 2012-07-29 04:51:35 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-29 07:23:03 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-29 10:14:07 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = Error - 2012-07-30 02:48:39 | Computer Name = Engine | Source = Service Control Manager | ID = 7011 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi eventlog. Error - 2012-07-30 02:54:59 | Computer Name = Engine | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 08:52:51 na ?2012-?07-?30 było nieoczekiwane. Error - 2012-07-31 14:10:51 | Computer Name = Engine | Source = ipnathlp | ID = 31004 Description = < End of report > [/log] Log z SystemLook: [log]SystemLook 30.07.11 by jpshortstuff Log created at 10:32 on 11/08/2012 by Kacper Administrator - Elevation successful ========== reg ========== [HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] (Unable to open key - key not found) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}] @="Microsoft WBEM New Event Subsystem" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32] @="%systemroot%\system32\wbem\wbemess.dll" "ThreadingModel"="Both" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}] @="MruPidlList" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] @="%SystemRoot%\system32\shell32.dll" "ThreadingModel"="Apartment" ========== filefind ========== Searching for "services.exe" C:\Windows\System32\services.exe --a---- 259072 bytes [23:11 13/07/2009] [01:14 14/07/2009] 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe --a---- 259072 bytes [23:11 13/07/2009] [01:14 14/07/2009] 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -= EOF =-[/log]
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.