pawel78963 utworzono 23 grudnia 2012 utworzono 23 grudnia 2012 Kolega poprosił mnie o usunięcie wirusów, ale ja się zbytnio na tym nie znam więc kieruję się tutaj Logi: OTL [log]OTL logfile created on: 12/23/2012 1:52:30 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\ 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1.91 Gb Total Physical Memory | 0.77 Gb Available Physical Memory | 40.13% Memory free 3.83 Gb Paging File | 2.32 Gb Available in Paging File | 60.70% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 50.00 Gb Total Space | 5.86 Gb Free Space | 11.73% Space Free | Partition Type: NTFS Drive D: | 395.13 Gb Total Space | 349.24 Gb Free Space | 88.39% Space Free | Partition Type: NTFS Drive F: | 33.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: SKLEP-FUJITSU | User Name: sklep | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe PRC - [2012/12/23 13:04:38 | 000,115,032 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Users\sklep\AppData\Local\Temp\3582-490\SweetIM.exe PRC - [2012/12/23 13:04:18 | 000,246,112 | ---- | M] () -- C:\ProgramData\OnlineUpdate\ouc.exe PRC - [2012/12/23 13:00:04 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe PRC - [2011/10/12 00:33:24 | 000,462,576 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe PRC - [2011/10/11 23:58:31 | 000,622,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe PRC - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe PRC - [2009/08/13 14:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe PRC - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe MOD - [2012/12/23 13:04:38 | 000,115,032 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Users\sklep\AppData\Local\Temp\3582-490\SweetIM.exe MOD - [2012/12/23 13:00:04 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe MOD - [2012/10/09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2012/10/08 09:28:33 | 012,320,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll MOD - [2012/10/08 09:02:17 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012/10/08 08:56:24 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll MOD - [2012/10/08 08:48:51 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012/10/08 08:48:03 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012/10/08 08:41:28 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012/10/04 16:35:08 | 000,074,072 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll MOD - [2012/10/04 16:35:06 | 000,299,352 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll MOD - [2012/10/04 16:35:04 | 000,098,648 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll MOD - [2012/10/04 16:34:52 | 000,168,280 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll MOD - [2012/10/04 16:34:48 | 000,065,880 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll MOD - [2012/10/04 16:34:48 | 000,036,696 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll MOD - [2012/10/04 16:34:46 | 000,516,440 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll MOD - [2012/10/04 16:34:38 | 000,026,968 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll MOD - [2012/08/24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012/08/20 18:38:44 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\acwow64.dll MOD - [2012/08/20 18:37:18 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2012/08/20 18:37:18 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2012/06/26 11:49:23 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtGui4.dll MOD - [2012/06/26 11:49:23 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtCore4.dll MOD - [2012/06/26 11:49:23 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\QtNetwork4.dll MOD - [2012/06/26 11:49:23 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll MOD - [2012/06/26 11:49:23 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookPlugin.dll MOD - [2012/06/26 11:49:23 | 000,808,960 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SMSUIPlugin.dll MOD - [2012/06/26 11:49:23 | 000,739,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookUIPlugin.dll MOD - [2012/06/26 11:49:23 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsAppPlugin.dll MOD - [2012/06/26 11:49:23 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallAppPlugin.dll MOD - [2012/06/26 11:49:23 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallLogSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PluginContainer.dll MOD - [2012/06/26 11:49:23 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll MOD - [2012/06/26 11:49:23 | 000,483,328 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoUIExPlugin.dll MOD - [2012/06/26 11:49:23 | 000,428,032 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\core.dll MOD - [2012/06/26 11:49:23 | 000,427,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialupUIPlugin.dll MOD - [2012/06/26 11:49:23 | 000,384,512 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDUIPlugin.dll MOD - [2012/06/26 11:49:23 | 000,381,952 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Proxy.dll MOD - [2012/06/26 11:49:23 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qtiff4.dll MOD - [2012/06/26 11:49:23 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qmng4.dll MOD - [2012/06/26 11:49:23 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceAppPlugin.dll MOD - [2012/06/26 11:49:23 | 000,334,848 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MainpagePlugin.dll MOD - [2012/06/26 11:49:23 | 000,333,312 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectPlugin.dll MOD - [2012/06/26 11:49:23 | 000,310,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\StatusBarMgrPlugin.dll MOD - [2012/06/26 11:49:23 | 000,301,056 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,269,824 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LiveUpdateInterface.dll MOD - [2012/06/26 11:49:23 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AddrBookSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\sdk.dll MOD - [2012/06/26 11:49:23 | 000,249,344 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\MenuMgrPlugin.dll MOD - [2012/06/26 11:49:23 | 000,240,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ToolBarMgrPlugin.dll MOD - [2012/06/26 11:49:23 | 000,238,080 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\AtCodec.dll MOD - [2012/06/26 11:49:23 | 000,235,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Common.dll MOD - [2012/06/26 11:49:23 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SmsSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,217,088 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\PLAY ONLINE\mcciwin32.dll MOD - [2012/06/26 11:49:23 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll MOD - [2012/06/26 11:49:23 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qjpeg4.dll MOD - [2012/06/26 11:49:23 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XFramePlugin.dll MOD - [2012/06/26 11:49:23 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISPlugin.dll MOD - [2012/06/26 11:49:23 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\CallSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XCodec.dll MOD - [2012/06/26 11:49:23 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetConnectSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DataServicePlugin.dll MOD - [2012/06/26 11:49:23 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\STKSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\USSDSrvPlugin.dll MOD - [2012/06/26 11:49:23 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Trace.dll MOD - [2012/06/26 11:49:23 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSDialup.dll MOD - [2012/06/26 11:49:23 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSNDIS.dll MOD - [2012/06/26 11:49:23 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ATR2SMgr.dll MOD - [2012/06/26 11:49:23 | 000,118,272 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LayoutPlugin.dll MOD - [2012/06/26 11:49:23 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\Win7Support.dll MOD - [2012/06/26 11:49:23 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSAdapt.dll MOD - [2012/06/26 11:49:23 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll MOD - [2012/06/26 11:49:23 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qgif4.dll MOD - [2012/06/26 11:49:23 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\plugins\imageformats\qico4.dll MOD - [2012/06/26 11:49:23 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSPowerMgr.dll MOD - [2012/06/26 11:49:23 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\OSCall.dll MOD - [2012/06/26 11:49:23 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\libgcc_s_dw2-1.dll MOD - [2012/06/26 11:49:23 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\mingwm10.dll MOD - [2012/06/23 09:06:30 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2012/06/23 09:06:30 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012/06/02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2012/06/02 05:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2012/06/02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012/06/02 05:36:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2012/06/02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2012/05/05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2012/04/07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2012/03/03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2012/03/01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012/01/13 08:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2011/12/16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011/11/17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011/11/17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011/10/12 00:33:29 | 000,832,752 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libpserverplugin.dll MOD - [2011/10/12 00:33:28 | 005,594,864 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll MOD - [2011/10/12 00:33:24 | 000,462,576 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe MOD - [2011/10/11 23:58:40 | 000,374,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\LiveUpdate.dll MOD - [2011/10/11 23:58:39 | 000,537,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\BackendService.dll MOD - [2011/10/11 23:58:39 | 000,315,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\DownloadManager.dll MOD - [2011/10/11 23:58:39 | 000,112,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\SystemMonitor.dll MOD - [2011/10/11 23:58:39 | 000,105,224 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\DeviceProfileService.dll MOD - [2011/10/11 23:58:38 | 000,323,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\Provisioning.dll MOD - [2011/10/11 23:58:38 | 000,304,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\PersistenceAPI.dll MOD - [2011/10/11 23:58:38 | 000,276,232 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\actionManager.dll MOD - [2011/10/11 23:58:38 | 000,265,480 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\EventManager.dll MOD - [2011/10/11 23:58:38 | 000,240,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\dispatcherServer.dll MOD - [2011/10/11 23:58:31 | 000,622,344 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe MOD - [2011/10/11 23:58:28 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll MOD - [2011/10/11 23:58:28 | 000,071,168 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceManagerStarter.dll MOD - [2011/10/11 23:58:27 | 000,444,416 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\DeviceProfile.dll MOD - [2011/10/11 23:58:27 | 000,318,976 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\network.dll MOD - [2011/10/11 23:58:27 | 000,018,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sealing.dll MOD - [2011/10/11 23:58:26 | 000,289,792 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ServiceOfferingManager.dll MOD - [2011/10/11 23:58:25 | 001,110,016 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\serializer.dll MOD - [2011/10/11 23:58:24 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll MOD - [2011/10/11 23:58:24 | 000,117,248 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\dispatcher.dll MOD - [2011/10/11 23:58:24 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll MOD - [2011/10/11 23:58:23 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll MOD - [2011/10/11 23:58:23 | 000,224,256 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\CorePersistenceAPI.dll MOD - [2011/10/11 23:58:23 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\liveUpdateUtility.dll MOD - [2011/10/11 23:58:23 | 000,095,232 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\policyManager.dll MOD - [2011/10/11 23:58:23 | 000,017,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\localMessage.dll MOD - [2011/10/11 23:58:22 | 000,219,136 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\orchestrator.dll MOD - [2011/10/11 23:58:22 | 000,126,464 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\SystemInfo.dll MOD - [2011/10/11 23:58:22 | 000,125,952 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\uuid.dll MOD - [2011/10/11 23:58:22 | 000,093,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\configurationManager.dll MOD - [2011/10/11 23:58:22 | 000,030,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\logger.dll MOD - [2011/10/11 23:58:21 | 001,019,392 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libeay32.dll MOD - [2011/10/11 23:58:21 | 000,510,464 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\payload.dll MOD - [2011/10/11 23:58:21 | 000,209,408 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ssleay32.dll MOD - [2011/10/11 23:58:21 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll MOD - [2011/10/11 23:58:21 | 000,031,232 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ChannelAdapter.dll MOD - [2011/08/27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011/08/27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011/05/24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011/05/24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011/05/12 08:31:58 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll MOD - [2011/05/12 08:31:58 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll MOD - [2011/05/12 08:31:58 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll MOD - [2011/04/12 02:40:48 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2011/04/12 02:40:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2011/03/14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe MOD - [2011/03/03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011/01/07 14:39:22 | 000,768,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll MOD - [2011/01/07 14:39:22 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll MOD - [2010/11/21 04:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010/11/21 04:24:50 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wshbth.dll MOD - [2010/11/21 04:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010/11/21 04:24:33 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010/11/21 04:24:32 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010/11/21 04:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010/11/21 04:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll MOD - [2010/11/21 04:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010/11/21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010/11/21 04:24:16 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll MOD - [2010/11/21 04:24:16 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010/11/21 04:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010/11/21 04:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010/11/21 04:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010/11/21 04:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010/11/21 04:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010/11/21 04:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010/11/21 04:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010/11/21 04:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010/11/21 04:24:09 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010/11/21 04:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010/11/21 04:24:09 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010/11/21 04:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010/11/21 04:24:08 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010/11/21 04:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll MOD - [2010/11/21 04:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010/11/21 04:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010/11/21 04:24:08 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010/11/21 04:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010/11/21 04:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010/11/21 04:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010/11/21 04:24:01 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010/11/21 04:24:00 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2010/11/21 04:24:00 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010/11/21 04:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010/11/21 04:23:55 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010/11/21 04:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010/11/21 04:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010/11/21 04:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010/11/21 04:23:51 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010/11/21 04:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010/11/21 04:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010/11/21 04:23:48 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010/11/21 04:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010/11/01 23:54:16 | 008,167,936 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtGui4.dll MOD - [2010/11/01 23:54:16 | 002,281,984 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll MOD - [2010/09/30 02:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe MOD - [2010/09/30 02:05:32 | 000,038,512 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\BrightMgr.dll MOD - [2010/09/30 02:05:32 | 000,036,464 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\VFuj02b1.dll MOD - [2010/09/30 02:05:32 | 000,020,080 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\fuj02b1.dll MOD - [2010/09/21 22:03:14 | 000,145,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL MOD - [2010/09/10 15:28:48 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\imageformats\qico4.dll MOD - [2010/09/10 15:27:52 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\imageformats\qjpeg4.dll MOD - [2010/09/10 15:20:24 | 010,836,992 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtWebKit4.dll MOD - [2010/09/10 13:07:10 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtScript4.dll MOD - [2010/09/10 12:41:54 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\phonon4.dll MOD - [2010/09/10 12:11:38 | 000,911,872 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll MOD - [2010/09/10 12:10:02 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll MOD - [2009/08/13 14:06:00 | 000,662,016 | ---- | M] (Sonix) -- C:\Windows\vsnp2uvc.exe MOD - [2009/07/14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009/07/14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009/07/14 02:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WWanAPI.dll MOD - [2009/07/14 02:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wwapi.dll MOD - [2009/07/14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009/07/14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009/07/14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009/07/14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009/07/14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009/07/14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009/07/14 02:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll MOD - [2009/07/14 02:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll MOD - [2009/07/14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009/07/14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009/07/14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009/07/14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009/07/14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009/07/14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009/07/14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009/07/14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009/07/14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009/07/14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009/07/14 02:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll MOD - [2009/07/14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009/07/14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009/07/14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009/07/14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll MOD - [2009/07/14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009/07/14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009/07/14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009/07/14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009/07/14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009/07/14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009/07/14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009/07/14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009/07/14 02:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll MOD - [2009/07/14 02:15:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddrawex.dll MOD - [2009/07/14 02:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll MOD - [2009/07/14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009/07/14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009/07/14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009/07/14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009/07/14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009/07/14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009/07/14 02:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rundll32.exe MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009/07/14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009/07/14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009/07/14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009/07/14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009/07/14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2006/07/11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll MOD - [2004/01/11 23:00:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll MOD - [2003/03/19 04:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011/01/05 21:41:38 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:[b]64bit:[/b] - [2011/01/05 21:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:[b]64bit:[/b] - [2011/01/05 21:26:56 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:[b]64bit:[/b] - [2010/10/07 23:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService) SRV:[b]64bit:[/b] - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010/06/17 23:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService) SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/12/23 08:15:52 | 002,697,752 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012/12/23 08:15:52 | 001,339,968 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2012/12/23 08:15:52 | 001,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2012/12/23 08:15:52 | 000,367,640 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012/12/22 14:34:00 | 000,287,584 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2012/12/15 09:43:56 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011/03/14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010/11/03 19:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:[b]64bit:[/b] - [2012/06/26 11:49:23 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011/04/15 03:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2011/03/24 06:47:04 | 000,042,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WDKMD.sys -- (wdkmd) DRV:[b]64bit:[/b] - [2011/03/24 06:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:[b]64bit:[/b] - [2011/03/24 06:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/02/18 00:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2011/01/04 03:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:[b]64bit:[/b] - [2010/12/28 19:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2010/11/04 13:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:[b]64bit:[/b] - [2010/11/04 11:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex) DRV:[b]64bit:[/b] - [2010/10/20 02:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:[b]64bit:[/b] - [2010/10/20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2010/10/14 17:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:[b]64bit:[/b] - [2010/10/09 13:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:[b]64bit:[/b] - [2010/05/07 03:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:[b]64bit:[/b] - [2009/11/19 13:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/14 01:01:09 | 000,679,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xnacc.sys -- (xnacc) DRV:[b]64bit:[/b] - [2009/06/24 06:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV) DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2006/11/01 11:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3) DRV:[b]64bit:[/b] - [2006/11/01 11:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1) DRV - [2012/08/09 09:42:45 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012/08/09 09:42:45 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {AB488C48-D7F7-41F2-BE8A-93F5CDE0662A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{AB488C48-D7F7-41F2-BE8A-93F5CDE0662A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E} IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{AB488C48-D7F7-41F2-BE8A-93F5CDE0662A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.google.com/ig/redirectd [Binary data over 200 bytes] IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ig/redirectd [Binary data over 200 bytes] IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E} IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes\{AB488C48-D7F7-41F2-BE8A-93F5CDE0662A}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG_plPL489 IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E} IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.search.selectedEngine: "SweetIM Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}&q=" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "v9" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "v9" FF - prefs.js..browser.startup.homepage: "about:blank" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/23 12:03:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/23 12:15:22 | 000,000,000 | ---D | M] [2012/06/28 10:03:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\Extensions [2012/12/23 12:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\Firefox\Profiles\avn2kine.default\extensions [2012/11/22 11:20:46 | 000,000,000 | ---D | M] ("Winamp Toolbar") -- C:\Users\sklep\AppData\Roaming\mozilla\Firefox\Profiles\avn2kine.default\extensions\{8b9fe9be-f7dd-451e-ac96-0e568e0ecc10} [2012/12/23 12:26:47 | 000,169,792 | ---- | M] () (No name found) -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012/11/22 11:20:52 | 000,002,533 | ---- | M] () -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\searchplugins\aol-search.xml [2012/12/23 12:13:22 | 000,003,998 | ---- | M] () -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\searchplugins\sweetim.xml [2012/06/28 10:36:52 | 000,002,357 | ---- | M] () -- C:\Users\sklep\AppData\Roaming\mozilla\firefox\profiles\avn2kine.default\searchplugins\winamp-web-search.xml [2012/12/23 12:03:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/11/13 19:29:11 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/11/29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/06/28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012/11/29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012/11/29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012/11/29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012/11/29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012/11/29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012/11/29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED) O4:[b]64bit:[/b] - HKLM..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED) O4:[b]64bit:[/b] - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED) O4:[b]64bit:[/b] - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix) O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.lnk () O4 - HKLM..\Run: [Intel AppUp(SM) center_Nagware] C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.lnk () O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix) O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe () O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Malwarebytes' Anti-Malware\mbamgui.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1ABEBA52-42BF-415B-A1B7-52E4900891C4}: NameServer = 89.108.195.20 89.108.202.20 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60AF6E04-1C97-4D2F-8437-983C3FF54BD9}: NameServer = 89.108.202.21 89.108.195.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9047CFF-97CE-4BEF-96FF-D1152B59F25B}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/03/17 16:27:22 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008/10/10 18:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{0d7285fc-c87a-11e1-a8ae-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{0d7285fc-c87a-11e1-a8ae-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] () O33 - MountPoints2\{3f7f1081-bf7b-11e1-a9cc-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{3f7f1081-bf7b-11e1-a9cc-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] () O33 - MountPoints2\{3f7f108e-bf7b-11e1-a9cc-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{3f7f108e-bf7b-11e1-a9cc-4c80933fa20e}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{77274670-bbc0-11e1-a38d-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{77274670-bbc0-11e1-a38d-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] () O33 - MountPoints2\{77274708-bbc0-11e1-a38d-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{77274708-bbc0-11e1-a38d-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] () O33 - MountPoints2\{d29483a8-c0fe-11e1-a95f-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{d29483a8-c0fe-11e1-a95f-4c80933fa20e}\Shell\AutoRun\command - "" = I:\Setup.exe O33 - MountPoints2\{dd6d21be-0be1-11e2-9fad-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{dd6d21be-0be1-11e2-9fad-4c80933fa20e}\Shell\AutoRun\command - "" = F:\RunGame.exe O33 - MountPoints2\{f90c0fb7-ccfb-11e1-a72b-4c80933fa20e}\Shell - "" = AutoRun O33 - MountPoints2\{f90c0fb7-ccfb-11e1-a72b-4c80933fa20e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 16:27:22 | 000,148,320 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- C:\Windows\svchost.com "%1" %* () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- C:\Windows\svchost.com "%1" %* () O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- C:\Windows\svchost.com "%1" %* () O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- C:\Windows\svchost.com "%1" %* () O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe - (McAfee, Inc.) MsConfig:64bit - StartUpFolder: C:^Users^sklep^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Torpedo.lnk - - File not found MsConfig:64bit - StartUpReg: [b]Skype[/b] - hkey= - key= - File not found MsConfig:64bit - StartUpReg: [b]UCam_Menu[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) MsConfig:64bit - StartUpReg: [b]YouCam Mirror Tray icon[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012/12/23 13:32:40 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\Zdjecia [2012/12/23 13:32:10 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\Rejestr [2012/12/23 13:30:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\OTL.exe [2012/12/23 13:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/12/23 13:05:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/12/23 13:05:33 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware [2012/12/23 12:50:36 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Malwarebytes [2012/12/23 12:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/12/23 12:15:22 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa [2012/12/23 12:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM [2012/12/23 12:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM [2012/12/23 08:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineUpdate [2012/12/23 08:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\log [2012/12/22 14:32:43 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\NFS ProStreet [2012/12/22 14:32:36 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\PunkBuster [2012/12/22 10:47:55 | 000,000,000 | RH-D | C] -- C:\Users\sklep\AppData\Roaming\SecuROM [2012/12/22 10:01:16 | 000,000,000 | ---D | C] -- C:\Users\sklep\Desktop\Od Daniela [2012/12/19 19:02:56 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{8DA0E338-E044-4250-8C05-B8480195DF40} [2012/12/17 18:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus [2012/12/16 15:04:17 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\Deluxe Ski Jump 4 [2012/12/16 15:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluxe Ski Jump 4 [2012/12/15 17:36:17 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{78D14B6B-30D2-407C-82BE-75BA67E53740} [2012/12/15 17:33:28 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{831B6800-491A-4BC7-B6DA-A8BDD97377C2} [2012/12/15 16:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skoki Narciarskie 2004 [2012/12/15 16:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codemasters [2012/12/15 09:44:07 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2012/12/15 09:44:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2012/12/09 11:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company [2012/12/08 12:41:06 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2012/12/08 12:41:06 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2012/12/08 12:41:06 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2012/12/08 12:41:06 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2012/12/08 12:41:05 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2012/12/08 12:41:05 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012/12/08 12:41:05 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2012/12/08 12:41:05 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012/12/08 12:41:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2012/12/08 12:41:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2012/12/08 12:41:03 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2012/12/08 12:41:03 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012/12/08 12:28:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1C Publishing EU [2012/12/08 12:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Publishing EU [2012/12/07 20:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012/12/07 20:12:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012/12/07 19:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefront [2012/12/07 19:22:50 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012/12/02 20:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012/12/02 20:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012/12/02 19:27:24 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2012/12/02 19:27:24 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2012/12/02 19:27:23 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2012/12/02 19:27:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2012/12/02 19:27:22 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2012/12/02 19:27:22 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2012/12/02 19:27:22 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2012/12/02 19:27:22 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2012/12/02 19:27:22 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2012/12/02 19:27:22 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2012/12/02 19:27:21 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2012/12/02 19:27:21 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2012/12/02 19:27:21 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2012/12/02 19:27:20 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2012/12/02 19:27:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012/12/02 19:27:16 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2012/12/02 19:27:16 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2012/12/02 19:27:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2012/12/02 19:27:16 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2012/12/02 19:27:16 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2012/12/02 19:27:16 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2012/12/02 19:27:16 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2012/12/02 19:27:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2012/12/02 19:27:15 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2012/12/02 19:27:15 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2012/12/02 19:27:15 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2012/12/02 19:27:15 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2012/12/02 19:27:14 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2012/12/02 19:27:14 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2012/12/02 19:27:14 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2012/12/02 19:27:14 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2012/12/02 19:27:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2012/12/02 19:27:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2012/12/02 19:27:13 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2012/12/02 19:27:13 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012/12/02 19:27:12 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2012/12/02 19:27:12 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2012/12/02 19:27:12 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2012/12/02 19:27:12 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2012/12/02 19:27:11 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2012/12/02 19:27:11 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2012/12/02 19:27:11 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012/12/02 19:27:11 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012/12/02 19:27:10 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012/12/02 19:27:10 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012/12/02 19:27:10 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012/12/02 19:27:10 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2012/12/02 19:27:09 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012/12/02 19:27:09 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012/12/02 19:27:08 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2012/12/02 19:27:08 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012/12/02 19:27:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012/12/02 19:27:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012/12/02 19:27:08 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012/12/02 19:27:08 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012/12/02 19:27:07 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012/12/02 19:27:07 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012/12/02 19:27:06 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012/12/02 19:27:06 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012/12/02 19:27:06 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012/12/02 19:27:06 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012/12/02 19:27:05 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2012/12/02 19:27:05 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2012/12/02 19:27:05 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2012/12/02 19:27:05 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2012/12/02 19:27:04 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2012/12/02 19:27:04 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012/12/02 19:27:04 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012/12/02 19:27:04 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012/12/02 19:27:03 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2012/12/02 19:27:03 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2012/12/02 19:27:03 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2012/12/02 19:27:03 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2012/12/02 19:27:03 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2012/12/02 19:27:03 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2012/12/02 19:27:02 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2012/12/02 19:27:02 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2012/12/02 19:27:02 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2012/12/02 19:27:02 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2012/12/02 19:27:01 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2012/12/02 19:27:01 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2012/12/02 19:27:01 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2012/12/02 19:27:01 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2012/12/02 19:26:59 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2012/12/02 19:26:59 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2012/12/02 19:26:59 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2012/12/02 19:26:59 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2012/12/02 19:26:58 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2012/12/02 19:26:58 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2012/12/02 19:26:58 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2012/12/02 19:26:58 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2012/12/02 19:26:58 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2012/12/02 19:26:58 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2012/12/02 19:26:58 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2012/12/02 19:26:58 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2012/12/02 19:26:57 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2012/12/02 19:26:57 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2012/12/02 19:26:57 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2012/12/02 19:26:57 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2012/12/02 19:26:53 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2012/12/02 19:26:53 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012/12/02 19:26:52 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2012/12/02 19:26:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2012/12/02 19:26:52 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2012/12/02 19:26:52 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2012/12/02 19:26:52 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2012/12/02 19:26:52 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2012/12/02 19:26:51 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2012/12/02 19:26:51 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2012/12/02 19:26:50 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2012/12/02 19:26:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2012/12/02 19:26:49 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2012/12/02 19:26:49 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2012/12/02 19:26:48 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2012/12/02 19:26:48 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2012/12/02 19:26:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2012/12/02 19:26:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2012/12/01 16:17:03 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Rovio [2012/11/25 12:53:15 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\Tific [2012/11/25 12:53:03 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\Symantec [2012/11/18 16:30:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe [2012/11/18 16:05:18 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\GoPlayer_downloader [2012/11/18 15:41:47 | 000,000,000 | ---D | C] -- C:\User Data [2012/11/18 15:41:46 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Roaming\GoPlayer [2012/11/18 15:37:16 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\Torpedo [2012/11/18 12:04:01 | 000,000,000 | ---D | C] -- C:\Users\sklep\Documents\18 WoS Haulin [2012/11/18 12:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin [2012/11/18 12:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\18 Wheels of Steel Haulin [2012/11/16 07:09:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2012/11/15 19:19:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/11/15 19:19:50 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/11/15 19:19:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/11/15 19:19:50 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/11/15 19:19:49 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/11/15 19:19:49 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/11/15 19:19:49 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/11/15 19:19:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/11/15 19:19:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/11/15 19:19:49 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/11/15 19:19:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/11/15 19:19:48 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012/11/15 19:19:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/11/15 19:19:47 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/11/15 19:19:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012/11/15 19:19:21 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012/11/15 19:19:21 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012/11/15 19:19:21 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012/11/15 19:19:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012/11/15 00:11:06 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012/11/15 00:11:06 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012/11/15 00:11:06 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012/11/15 00:10:59 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012/11/15 00:10:59 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012/11/15 00:10:59 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2012/11/15 00:10:59 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012/11/15 00:10:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2012/11/15 00:10:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012/11/15 00:09:33 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012/11/15 00:09:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2012/11/13 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{B83D7D1A-5401-4A40-A57F-C8EE5D695782} [2012/11/13 19:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/11/12 06:45:01 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{EB9DFC3F-328C-4C39-ACA5-7A49D4208C58} [2012/11/12 06:34:01 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{3995F340-48F8-4ACC-AD6C-AFC6A4E6C5D0} [2012/11/02 15:02:32 | 000,000,000 | ---D | C] -- C:\Users\sklep\Desktop\Nowy folder (3) [2012/11/02 14:34:16 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{51A6B1AF-F929-4F28-A516-052956392204} [2012/10/27 16:20:26 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{A9FC08E6-C2B1-4A56-8180-D6DEE067DEFF} [2012/10/26 11:39:47 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{D82C30C5-CA2E-412E-AB8F-C756462334AB} [2012/10/24 14:52:41 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{78CA250A-B5DD-4F35-A641-9BA757BD2F1D} [2012/10/24 14:36:45 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{780603F8-D9B8-42A9-99CE-8CA08450DC18} [2012/10/24 14:31:55 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{C3629BEB-8D15-44D5-AE99-3416903FAE29} [2012/10/24 14:07:45 | 000,000,000 | ---D | C] -- C:\Users\sklep\AppData\Local\{A867EF02-6DC1-4218-8C2D-7C5749F2DAC7} [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012/12/23 13:54:24 | 004,194,304 | -HS- | M] () -- C:\Users\sklep\NTUSER.DAT [2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe [2012/12/23 13:50:43 | 000,000,052 | ---- | M] () -- C:\Windows\directx.sys [2012/12/23 13:27:04 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/12/23 13:17:00 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/12/23 13:11:28 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/12/23 13:11:28 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/12/23 13:08:53 | 001,662,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/12/23 13:08:53 | 000,737,980 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012/12/23 13:08:53 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/12/23 13:08:53 | 000,154,636 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012/12/23 13:08:53 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/12/23 13:05:34 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/12/23 13:04:17 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/12/23 13:04:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012/12/23 13:04:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/12/23 13:04:04 | 1541,894,144 | -HS- | M] () -- C:\hiberfil.sys [2012/12/23 13:03:39 | 001,137,148 | -H-- | M] () -- C:\Users\sklep\AppData\Local\IconCache.db [2012/12/23 12:20:47 | 000,041,472 | ---- | M] () -- C:\Windows\svchost.com [2012/12/23 12:15:22 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk [2012/12/23 12:03:41 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/12/15 09:20:57 | 000,126,054 | ---- | M] () -- C:\Users\sklep\Desktop\79.jpg [2012/12/09 10:39:50 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/12/07 20:12:49 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/11/25 12:41:49 | 000,076,216 | ---- | M] () -- C:\Windows\SysNative\drivers\117afe766bdbd539.sys [2012/11/15 19:47:55 | 000,066,208 | ---- | M] () -- C:\Users\sklep\AppData\Local\GDIPFONTCACHEV1.DAT [2012/11/15 19:47:14 | 000,288,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/10/27 14:47:28 | 170,938,873 | ---- | M] () -- C:\Users\sklep\Desktop\Klub Galeon - DJ Hazel (20.10.2012).mp3 [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/12/23 13:05:34 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/12/23 13:03:39 | 001,137,148 | -H-- | C] () -- C:\Users\sklep\AppData\Local\IconCache.db [2012/12/23 12:15:22 | 000,000,949 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk [2012/12/23 12:14:02 | 000,002,231 | ---- | C] () -- C:\Users\sklep\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk [2012/12/23 08:16:05 | 000,000,052 | ---- | C] () -- C:\Windows\directx.sys [2012/12/23 08:15:38 | 000,041,472 | ---- | C] () -- C:\Windows\svchost.com [2012/12/22 14:28:00 | 170,938,873 | ---- | C] () -- C:\Users\sklep\Desktop\Klub Galeon - DJ Hazel (20.10.2012).mp3 [2012/12/15 09:20:55 | 000,126,054 | ---- | C] () -- C:\Users\sklep\Desktop\79.jpg [2012/12/07 20:12:49 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/12/02 20:03:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012/12/02 20:03:21 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2012/11/25 12:41:49 | 000,076,216 | ---- | C] () -- C:\Windows\SysNative\drivers\117afe766bdbd539.sys [2012/11/16 07:10:07 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012/11/16 07:09:58 | 000,785,512 | ---- | C] () -- C:\Windows\SysNative\drivers\Wdf01000.sys [2012/11/16 07:09:58 | 000,054,376 | ---- | C] () -- C:\Windows\SysNative\drivers\WdfLdr.sys [2012/11/15 19:19:22 | 000,198,656 | ---- | C] () -- C:\Windows\SysNative\drivers\WUDFRd.sys [2012/11/15 19:19:22 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\drivers\WUDFPf.sys [2012/11/15 19:19:21 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012/11/15 00:11:02 | 003,149,824 | ---- | C] () -- C:\Windows\SysNative\win32k.sys [2012/11/15 00:10:59 | 001,914,248 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys [2012/11/15 00:10:59 | 000,045,568 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpipreg.sys [2012/06/21 20:32:50 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\KMVIDC32.DLL [2012/06/21 19:44:30 | 000,593,920 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012/06/21 19:44:29 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2012/06/21 19:44:29 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012/06/21 19:44:29 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012/06/21 19:44:29 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2012/03/21 00:28:09 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll [2012/03/21 00:28:09 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe [2012/03/21 00:28:09 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2012/03/20 16:33:51 | 000,524,288 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000002.regtrans-ms [2012/03/20 16:33:51 | 000,524,288 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TMContainer00000000000000000001.regtrans-ms [2012/03/20 16:33:51 | 000,066,208 | ---- | C] () -- C:\Users\sklep\AppData\Local\GDIPFONTCACHEV1.DAT [2012/03/20 16:33:51 | 000,065,536 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT{a00e996f-7c64-11e0-97d8-e5d5d5fc43bc}.TM.blf [2012/03/20 16:33:50 | 004,194,304 | -HS- | C] () -- C:\Users\sklep\NTUSER.DAT [2012/03/20 16:33:50 | 000,000,020 | -HS- | C] () -- C:\Users\sklep\ntuser.ini [2011/05/12 08:11:47 | 001,637,966 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/05/02 01:21:18 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011/05/02 01:21:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011/05/02 01:21:12 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2011/05/02 01:21:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011/05/02 01:21:06 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Fujitsu [2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Fujitsu [2012/12/09 11:01:54 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\DAEMON Tools Lite [2011/05/12 08:54:37 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Fujitsu [2012/03/20 16:42:03 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Fujitsu Launch Center [2012/12/09 10:48:03 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\GoPlayer [2012/12/23 12:57:18 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\GoPlayer_downloader [2012/12/23 12:15:08 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\OpenCandy [2012/06/21 18:21:48 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\PLAY ONLINE [2012/12/01 16:17:03 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Rovio [2012/11/25 12:53:15 | 000,000,000 | ---D | M] -- C:\Users\sklep\AppData\Roaming\Tific [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2012/12/23 13:04:04 | 1541,894,144 | -HS- | M] () -- C:\hiberfil.sys [2012/12/23 13:50:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.exe [2012/12/23 13:04:09 | 2055,860,224 | -HS- | M] () -- C:\pagefile.sys [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_8d262bb914685338\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.21642_none_18a01f1dee8824aa\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009/07/14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [2009/07/14 01:00:13 | 000,006,656 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [2010/11/21 04:23:47 | 000,147,456 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\cdrom.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2008/06/06 13:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2011/04/12 02:40:22 | 000,950,656 | ---- | M] (Microsoft Corporation) MD5=303310C91F8C0740ED1C76851C759874 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.21628_none_066fff3d4bd0b870\ndis.sys [2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010/11/21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2011/04/12 02:40:22 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=C38B8AE57F78915905064A9A24DC1586 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17530_none_05d3903632c269df\ndis.sys [2012/08/22 19:12:40 | 000,950,128 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2012/12/23 13:41:26 | 000,259,656 | ---- | M] () MD5=4AEE5FED7BEFB3387234DD3AA2E5BDD6 -- C:\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe < End of report >[/log] Extras [log]OTL Extras logfile created on: 12/23/2012 1:52:30 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\ 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1.91 Gb Total Physical Memory | 0.77 Gb Available Physical Memory | 40.13% Memory free 3.83 Gb Paging File | 2.32 Gb Available in Paging File | 60.70% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 50.00 Gb Total Space | 5.86 Gb Free Space | 11.73% Space Free | Partition Type: NTFS Drive D: | 395.13 Gb Total Space | 349.24 Gb Free Space | 88.39% Space Free | Partition Type: NTFS Drive F: | 33.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: SKLEP-FUJITSU | User Name: sklep | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .exe[@ = exefile] -- C:\Windows\svchost.com () .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .exe [@ = exefile] -- C:\Windows\svchost.com () [HKEY_USERS\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- C:\Windows\svchost.com "%1" %* () helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- C:\Windows\svchost.com "%1" %* () helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07301401-D294-4C50-8DF4-B78F052BE391}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0785C062-9EDF-4DA3-8D6E-7341FF2E30A1}" = lport=445 | protocol=6 | dir=in | app=system | "{0D3C7444-1C69-4E59-916B-3BB637F4E1A1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{17150756-01CB-4406-9EE1-246505B39279}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{30849A37-399C-429B-8EFA-2745336081DA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{43BCFD70-4A23-423C-A567-A030B4876D1F}" = lport=137 | protocol=17 | dir=in | app=system | "{700303FB-C795-4B9A-A801-59950F28E85F}" = lport=2869 | protocol=6 | dir=in | app=system | "{776CFCC2-0DBB-40FD-A694-15C0E03CF064}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7B9A7BF9-A15E-4AE7-A397-0FD98B8684EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7D046662-52FC-4FB2-87EC-9B7B5C19E6AE}" = lport=10243 | protocol=6 | dir=in | app=system | "{7F3233C3-A66F-4D19-89DF-A4BD35EC6A69}" = rport=137 | protocol=17 | dir=out | app=system | "{8E1E1B79-64C8-47A3-A021-2788D4715BD5}" = rport=139 | protocol=6 | dir=out | app=system | "{9B2951C4-EDFF-4583-988D-2648E68E9732}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9D666DC3-6FEC-4AC4-8169-47BC942FAD4D}" = rport=138 | protocol=17 | dir=out | app=system | "{A9F27766-7C64-4290-AA22-76266DDD7A44}" = lport=139 | protocol=6 | dir=in | app=system | "{AB147182-9829-46C0-8068-FC2B6A5A64AB}" = rport=445 | protocol=6 | dir=out | app=system | "{ADC9B70A-2439-4A05-AE75-6EC04FA0E841}" = rport=10243 | protocol=6 | dir=out | app=system | "{B415F50B-1211-4949-99B7-05BDBF4A2333}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CAFA6D2C-9F91-48BA-9A48-B7EB87511179}" = lport=138 | protocol=17 | dir=in | app=system | "{D58F6D80-9B61-4082-A946-D89DA141C7BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DF7362D5-2BCC-4EE4-8050-A8AEBB53FEAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E3AB3A43-5435-4EC9-9C65-846D35B4ADB4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{FFF96442-F3C4-4DC5-9906-6EDA5BA31E71}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04462EE9-AFCC-4B94-A876-35A8A5706ECA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{0714F232-E193-48C5-89DF-2D85CD326B77}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{10326CF3-4BA5-4582-B097-A76B4704AA42}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{196A28DB-71CF-44B8-BAC4-A0BD5E82CFB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3D5036E5-2531-41A3-ADA3-EDB0AA4DC513}" = dir=in | name=core networking - system ip core | "{3D6B8CC2-9062-401C-A995-5017ABD748BD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{43BDC9E2-8808-4193-BB6C-AFE4743953C0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{4705023B-662B-49A7-B21D-34D398EF5745}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4E4F28E9-501A-4F71-9DC4-B21ADA95FF96}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr9.exe | "{5640200C-8E4C-43AA-A3B4-1D7DBE346928}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{5D42F6A9-C153-4B7B-AED8-63EB54D0E61A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{74E158D6-BB4F-48EE-A0AD-F56B45609B6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{79B919AC-1015-4621-A074-582B23E57719}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{7F15B47E-5BF9-491A-9201-196133556063}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{94D1037F-42C5-4421-9EFE-D44E383E61A7}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{A381E0E8-75E2-460B-AC69-E8D3BA0CFE69}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | "{ABA8B654-54F6-4ADA-B362-9391CF45304D}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | "{AD576577-7128-4F84-A1CF-E69DFFD4E14E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{B62801D0-A7EF-4A80-B702-DBB774A00650}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B7063BC6-BFD2-4E63-B9F9-B3CBB5C4A562}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C2D91E0A-39D2-4EE4-A7B7-4DDE3D0B1679}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C3B28FC3-0885-4878-9B3A-75CBBD60A6F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D0AC4F18-AC8E-4C63-9A67-D07C0DFF5CB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D48DDF3F-EA16-411E-B8A4-A54674DD3251}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E4C8593B-EE53-488A-A914-1B2488A9213D}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | "{E638C8B9-6070-4B7C-BD79-2F7F6A72061B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E77EFF8B-EB04-427D-B198-324EFA5BCFDD}" = dir=out | name=core networking - system ip core | "{F7EF74F2-77D6-48AB-8F0E-F5178F7440B7}" = protocol=6 | dir=out | app=system | "{FAD9F5BC-B01F-43EB-AB02-CD1B627D48A9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{FB5C97E7-B7D7-4055-AB03-8E83C223E871}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "TCP Query User{966A3EAB-ABDA-46EA-84EC-965778B085FA}D:\fifa\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa\game\fifa.exe | "TCP Query User{E5E7696F-C58E-4EFA-8D8E-F47E18A50C0F}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{A5D088CA-B913-40F0-8857-FE2A006E64F8}D:\fifa\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa\game\fifa.exe | "UDP Query User{AEA7FB89-E96C-4B51-8155-FA42244C8B99}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources "{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources "{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK "{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility "{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility "{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials "{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh "{81FF29CE-2D23-45FC-8BDE-7491A15F2B02}" = NecroVisioN "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8FE212F5-8BF7-4CD1-BFF3-650B7EBD5CAC}" = Theatre of War 2: Africa "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9AB97F52-512B-43EF-AAEC-4825C17B32ED}" = EA.com Update "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7 "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources "{AC76BA86-7AD7-1045-7B44-A91000000001}" = Adobe Reader 9.1 - Polish "{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia "{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks "{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail "{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker "{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "ALLPlayer V3.0_is1" = ALLPlayer V3.X "DeskUpdate_is1" = DeskUpdate 4.11 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager "InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel "InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector "InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility "InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility "Intel AppUp(SM) center 29342" = Intel AppUp(SM) center "KLiteCodecPack_is1" = K-Lite Codec Pack 3.2.0 Full "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000 "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "Paintball Shooter" = Paintball Shooter "PLAY ONLINE" = PLAY ONLINE "RealAlt_is1" = Real Alternative 2.0.2 "Shockwave" = Shockwave "SoftwareUpdUtility" = Download Updater (AOL Inc.) "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = Archiwizator WinRAR [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3751716430-3808522729-3791616569-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "1323287040.portal.qtrax.com" = Qtrax Player "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 12/23/2012 7:35:26 AM | Computer Name = sklep-Fujitsu | Source = Software Protection Platform Service | ID = 1001 Description = Nie można uruchomić usługi ochrony oprogramowania. 0xD0000022 6.1.7601.17514 Error - 12/23/2012 7:38:32 AM | Computer Name = sklep-Fujitsu | Source = Software Protection Platform Service | ID = 1001 Description = Nie można uruchomić usługi ochrony oprogramowania. 0xD0000022 6.1.7601.17514 Error - 12/23/2012 7:39:50 AM | Computer Name = sklep-Fujitsu | Source = Software Protection Platform Service | ID = 1001 Description = Nie można uruchomić usługi ochrony oprogramowania. 0xD0000022 6.1.7601.17514 Error - 12/23/2012 7:49:23 AM | Computer Name = sklep-Fujitsu | Source = WinMgmt | ID = 10 Description = Error - 12/23/2012 7:58:07 AM | Computer Name = sklep-Fujitsu | Source = WinMgmt | ID = 10 Description = Error - 12/23/2012 8:00:09 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2 Description = Error - 12/23/2012 8:00:13 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2 Description = Error - 12/23/2012 8:04:43 AM | Computer Name = sklep-Fujitsu | Source = WinMgmt | ID = 10 Description = Error - 12/23/2012 8:06:24 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2 Description = Error - 12/23/2012 8:06:26 AM | Computer Name = sklep-Fujitsu | Source = LMS | ID = 2 Description = [ Media Center Events ] Error - 9/2/2012 2:50:05 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 08:49:59 - Błąd podczas nawiązywania połączenia z Internetem. 08:49:59 - Nie można skontaktować się z serwerem.. Error - 9/2/2012 3:50:10 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 09:50:10 - Błąd podczas nawiązywania połączenia z Internetem. 09:50:10 - Nie można skontaktować się z serwerem.. Error - 9/2/2012 3:50:16 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 09:50:15 - Błąd podczas nawiązywania połączenia z Internetem. 09:50:15 - Nie można skontaktować się z serwerem.. Error - 9/7/2012 11:31:07 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 17:31:06 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:06 - Nie można skontaktować się z serwerem.. Error - 9/7/2012 11:31:16 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 17:31:12 - Błąd podczas nawiązywania połączenia z Internetem. 17:31:12 - Nie można skontaktować się z serwerem.. Error - 9/7/2012 12:31:27 PM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 18:31:27 - Błąd podczas nawiązywania połączenia z Internetem. 18:31:27 - Nie można skontaktować się z serwerem.. Error - 9/7/2012 12:31:38 PM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 18:31:32 - Błąd podczas nawiązywania połączenia z Internetem. 18:31:32 - Nie można skontaktować się z serwerem.. Error - 9/8/2012 11:27:33 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 17:27:32 - Błąd podczas nawiązywania połączenia z Internetem. 17:27:33 - Nie można skontaktować się z serwerem.. Error - 9/8/2012 11:27:43 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 17:27:38 - Błąd podczas nawiązywania połączenia z Internetem. 17:27:38 - Nie można skontaktować się z serwerem.. Error - 9/16/2012 4:41:41 AM | Computer Name = sklep-Fujitsu | Source = MCUpdate | ID = 0 Description = 10:41:35 - Błąd podczas nawiązywania połączenia z Internetem. 10:41:35 - Nie można skontaktować się z serwerem.. [ System Events ] Error - 10/14/2012 2:41:22 PM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 10/14/2012 2:41:22 PM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 10/15/2012 4:37:20 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 10/15/2012 4:37:20 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 10/15/2012 8:27:41 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 10/15/2012 8:27:41 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error - 10/15/2012 9:30:04 AM | Computer Name = sklep-Fujitsu | Source = volsnap | ID = 393252 Description = Error - 10/15/2012 10:39:37 AM | Computer Name = sklep-Fujitsu | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 16:38:42 na ?2012-?10-?15 było nieoczekiwane. Error - 10/15/2012 10:39:52 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error - 10/15/2012 10:39:52 AM | Computer Name = sklep-Fujitsu | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 < End of report >[/log] Skan Malwarebytes [log]Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Wersja bazy: v2012.12.23.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 sklep :: SKLEP-FUJITSU [administrator] 2012-12-23 13:09:30 mbam-log-2012-12-23 (13-46-08).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Zaznaczone opcje skanowania: Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM Odznaczone opcje skanowania: P2P Przeskanowano obiektów: 312876 Upłynęło: 33 minut(y), 51 sekund(y) Wykrytych procesów w pamięci: 1 c:\windows\installer\{1bab117e-2744-3882-54be-2440349a0960}\syshost.exe (Trojan.Agent) -> 1696 -> Nie wykonano akcji. Wykrytych modułów w pamięci: 0 (Nie znaleziono zagrożeń) Wykrytych kluczy rejestru: 58 HKCR\TypeLib\{D5B25613-B7D8-455E-BAC4-58A6DC1D7FCC} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{A6A69A1D-2F7F-4896-8BFD-B762C12AFB7D} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SYSTEM\CurrentControlSet\Services\Bluetooth Media Service (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{D37B5B2C-8D1B-4832-89E4-6FCE903B3A18} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SYSTEM\CurrentControlSet\Services\RichVideo (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{3FA81047-5A4E-4080-BFFF-5975AE5E06D0} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{4B436489-7BDC-40D7-81FC-563B2E7D2F07} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SYSTEM\CurrentControlSet\Services\Bluetooth OBEX Service (Trojan.Agent) -> Nie wykonano akcji. HKLM\SYSTEM\CurrentControlSet\Services\LMS (Trojan.Agent) -> Nie wykonano akcji. HKLM\SYSTEM\CurrentControlSet\Services\PLAY ONLINE. RunOuc (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{9853D245-3E9D-4946-895A-F30D6396DEA6} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{0B810B0A-AF72-4974-B47C-BFC1C0C4F770} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SYSTEM\CurrentControlSet\Services\UNS (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DeskUpdate_is1 (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{A7D71146-EBCD-4E6C-916C-E77865BCC53B} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{8CA6C1BB-BE62-4739-80AB-D5ECC7605358} (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{41738EEA-442F-477F-92CF-2889BD6CD7E7} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{D3F22039-E3CF-4FC4-9A30-426A46056B8C} (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{91814EB1-B5F0-11D2-80B9-00104B1F6CEA} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{0BA4BA22-2EF0-11D3-88C8-00C04F72F303} (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GOOGLEUPDATE.EXE (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{399C37FB-08AF-493B-BFED-20FBD85EDF7F} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{49A588CF-5FD4-4774-BFBF-0764287DE82B} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81FF29CE-2D23-45FC-8BDE-7491A15F2B02} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FE212F5-8BF7-4CD1-BFF3-650B7EBD5CAC} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96AE7E41-E34E-47D0-AC07-1091A8127911} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9AB97F52-512B-43EF-AAEC-4825C17B32ED} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814} (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{D75A5D20-5D60-431B-9A34-0C6AD697F5E0} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{2D0DFF62-A867-4350-8DF0-48164EB1644B} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Intel AppUp(SM) center 29342 (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1 (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ALLPlayer V3.0_is1 (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PLAY ONLINE (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RealAlt_is1 (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{92980B1C-033B-4B23-81C7-881168CBFFC9} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{18362938-DDA0-40AC-99CA-1FE49DC8B699} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MOVIEMAKER.EXE (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WLXALBUMDOWNLOADWIZARD.EXE (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{5AB7792C-0F76-4003-AA47-5F075165D4DE} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{5AB59828-D660-489E-AC97-F1996D5129B0} (Trojan.Agent) -> Nie wykonano akcji. HKCR\TypeLib\{9B5C8343-BDEE-475D-9D3B-3715C6B8972E} (Trojan.Agent) -> Nie wykonano akcji. HKCR\Interface\{9B5C3F21-CE7D-4EB7-8166-D1E09F30FF5E} (Trojan.Agent) -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver (Trojan.Agent) -> Nie wykonano akcji. HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSHOST32 (Trojan.Agent) -> Nie wykonano akcji. Wykrytych wartości rejestru: 13 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SweetIM (Trojan.Agent) -> Data: C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Sweetpacks Communicator (Trojan.Agent) -> Data: C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEO.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\ENGINE\6\INTEL 32\IKERNEL.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\PROFESSIONAL\RUNTIME\11\50\INTEL32\ISBEW64.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXCPYA64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXCPYI64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXHPINST.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXINSA64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\PX STORAGE ENGINE\PXINSI64.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\EFFECTEXTRACTOR.EXE (Trojan.Agent) -> Data: 2 -> Nie wykonano akcji. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\RICHVIDEOINSTALL.EXE (Trojan.Agent) -> Data: 1 -> Nie wykonano akcji. HKLM\SYSTEM\CurrentControlSet\Services\syshost32|ImagePath (Trojan.Agent) -> Data: "C:\Windows\Installer\{1BAB117E-2744-3882-54BE-2440349A0960}\syshost.exe" /service -> Nie wykonano akcji. Wykryte wpisy rejestru systemowego: 1 HKCR\exefile\shell\open\command| (Broken.OpenCommand) -> Złe: (C:\Windows\svchost.com "%1" %*) Dobre: ("%1" %*) -> Nie wykonano akcji. wykrytych folderów: 0 (Nie znaleziono zagrożeń) Wykrytych plików: 251 C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\DeskUpdate\DeskUpdate.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\DeskUpdate\ducmd.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\DeskUpdate\infinst64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\DeskUpdate\unins000.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\Google\FTSE_Google_Software_Installer.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\Nero\SetupX.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\Nero\Nero 9 Essentials\ipclog.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Programs\Nero\Nero 9 Essentials\setupx.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Webcam\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Fujitsu\Webcam\vcredist_x86.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\18 Wheels of Steel Haulin\haulin.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\18 Wheels of Steel Haulin\prism3d.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\18 Wheels of Steel Haulin\uninst.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\1C Publishing EU\NecroVisioN\Bin\NecroVisioN.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\1C Publishing EU\NecroVisioN\support\DirectX\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1045-7B44-A91000000001}\Setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\serviceManagerIWD.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\WiDiConnectTest64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\WiFiDnSServer.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpya64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpyi64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\PX Storage Engine\pxhpinst.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsa64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsi64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\SNP2UVC\vsnp2uvc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Software Update Utility\dnu.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Windows Live\.cache\92f317d51cc107501\Silverlight.4.0.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Windows Live\.cache\93381fbd1cc107502\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Common Files\Windows Live\.cache\939032a71cc107503\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\CES_AudioCacheAgent.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\CES_CacheAgent.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\MotionMenuGenerator.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\PDHanumanSvr.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\PDR9.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\UACAgent.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\BigBang\CLUpdater.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\OLRSubmission\OLRStateCheck.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\OLRSubmission\OLRSubmission.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\PowerDirector\PDR32Agent\PDR32Agent.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\Shared files\EffectExtractor.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\Shared files\richvideoinstall.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\YouCam\OLRSubmission\OLRStateCheck.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\YouCam\OLRSubmission\OLRSubmission.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\CyberLink\YouCam\subsys\BigBang\Runtime\CLUpdater.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdate.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdateBroker.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleUpdateSetup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\Download\{1BAE3D4B-BAAC-4A5B-A308-6409A33A08E3}\GoogleUpdateSetup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123\GoogleUpdateSetup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3230.2052\GoogleToolbarInstaller_updater_signed.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{4108974B-DE87-4AD4-9167-930C62C45691}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{49A588CF-5FD4-4774-BFBF-0764287DE82B}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{6226477E-444F-4DFE-BA19-9F4F7D4565BC}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{81FF29CE-2D23-45FC-8BDE-7491A15F2B02}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{8FE212F5-8BF7-4CD1-BFF3-650B7EBD5CAC}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\Setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{C8E4B31D-337C-483D-822D-16F11441669B}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\CLZipTool.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{EC314CDF-3521-482B-A21C-65AC95664814}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Bluetooth\btmsrvview.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Bluetooth\libRun.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Bluetooth\CoexDrivers\Dpinst64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\uninstall\Setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\uninstall\x64\Drv64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\Setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\x64\Drv64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\run_uninstaller.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\uninstall.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\bin\arh.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\bin\CrashReportSender.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\bin\ismShutdownTool.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\bin\jrh.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\bin\MappingClient.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\bin\MessageMediator.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel\IntelAppStore\bin\orphan_app_sync.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel Corporation\Intel WiDi\iwdaud_helper.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel Corporation\Intel WiDi\AudioDriver\iwdaud_helper.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Intel Corporation\Intel WiDi\Certificates\CertMgr.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mplayerc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\K-Lite Codec Pack\tools\fixcodecs.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\K-Lite Codec Pack\tools\graphedit.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\K-Lite Codec Pack\tools\gspot\gspot.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\MarBit\ALLPlayer\ALLPlayer.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\MarBit\ALLPlayer\DivXMux.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\MarBit\ALLPlayer\unins000.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\McAfee Security Scan\uninstall.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\McAfee Security Scan\3.0.285\mcuicnt.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires2.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Microsoft Games\Age of Empires II\empires22.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Microsoft Office\Options14\OOBESTUB.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\AddPbk.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\mt.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\subinacl.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\uninst.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\XStartScreen.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\AutoRun\AutoRunSetup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\AutoRun\AutoRunUninstall.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\Driver\devsetup32.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\Driver\devsetup64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\Driver\DriverSetup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\Driver\DriverUninstall.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\UpdateDog\LiveUpd.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\PLAY ONLINE\UpdateDog\RunOuc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Play.com.pl\Paintball Shooter\Paintball.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Real Alternative\mpclauncher.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Real Alternative\settings.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Real Alternative\unins000.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Real Alternative\Update_OB\upgrdhlp.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\revcon.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RmbChange.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Installer\defmgr.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Installer\LangSelector.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Installer\wlarp.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Installer\wlsettings.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Installer\wlstartup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXCodecHost.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\WinRAR\Rar.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\WinRAR\Uninstall.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\WinRAR\UnRAR.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Program Files (x86)\WinRAR\WinRAR.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\DatacardService\DCService.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\DatacardService\HWDeviceService.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\setup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.cs-cz\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.cs-cz\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.en-us\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.en-us\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.es-es\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.es-es\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.fr-fr\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.fr-fr\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pl-pl\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pl-pl\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pt-pt\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.pt-pt\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.sk-sk\DW20.EXE (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\Office.sk-sk\dwtrig20.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\Office14\SingleImage.WW\ose.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\cs-cz\Office.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\cs-cz\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\cs-cz\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\Office.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\es-es\Office.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\es-es\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\es-es\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\fr-fr\Office.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\fr-fr\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\fr-fr\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\pl-pl\Office.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\pl-pl\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\pl-pl\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\pt-pt\Office.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\pt-pt\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\pt-pt\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\sk-sk\Office.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\sk-sk\SetupConsumerC2R.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\Microsoft\OEMOffice14\OStarter\sk-sk\SetupConsumerC2ROLW.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\PLAY ONLINE\OnlineUpdate\LiveUpd.exe (Trojan.Agent) -> Nie wykonano akcji. C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Users\sklep\AppData\Local\Microsoft\Windows Live\Installer\Catalog\wlsetup.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Users\sklep\AppData\Local\Temp\MSS\3.0.285.6\McUICnt.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Users\sklep\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\k3yp5ojf\marw9mf4.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Users\sklep\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\nraf31sv\npjrsbha.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Users\sklep\AppData\Roaming\OpenCandy\3E516B6657814A77A43344ED47B6C914\pcspeedup_oc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Users\sklep\AppData\Roaming\PLAY ONLINE\ouc.exe (Trojan.Agent) -> Nie wykonano akcji. C:\Windows\svchost.com (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\unins000.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\Game\Core\activation.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\Game\Core\EACoreServer.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\Game\Core\EAProxyInstaller.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\Game\Core\PatchProgress.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\Game\fifasetup\fifaconfig.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\__Installer\Cleanup.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\__Installer\Touchup.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\__Installer\directx\redist\DXSETUP.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\__Installer\vc\vc2008sp1\redist\vcredist_x64.exe (Trojan.Agent) -> Nie wykonano akcji. D:\Fifa\__Installer\vc\vc2008sp1\redist\vcredist_x86.exe (Trojan.Agent) -> Nie wykonano akcji. D:\hard\18_Wheels_of_Steel_Pedal_to_the_Metal\18 Wheels of Steel Pedal to the Metal\pp_1.1_patch.exe (Trojan.Agent) -> Nie wykonano akcji. D:\mini gry\mario.exe (Trojan.Agent) -> Nie wykonano akcji. D:\mini gry\BarbarianReturnsV1.10\Barbarian.exe (Trojan.Agent) -> Nie wykonano akcji. D:\nfs\EXPLORER.EXE (Password.Stealer) -> Nie wykonano akcji. D:\nfs\lpl.exe (Trojan.Agent) -> Nie wykonano akcji. D:\nfs\ProStreet.exe (Trojan.Agent) -> Nie wykonano akcji. D:\nfs\PB\PnkBstrA.exe (Trojan.Agent) -> Nie wykonano akcji. D:\nfs\PB\PnkBstrB.exe (Trojan.Agent) -> Nie wykonano akcji. D:\nfs\Support\Need for Speed ProStreet_code.exe (Trojan.Agent) -> Nie wykonano akcji. D:\nfs\Support\Need for Speed ProStreet_uninst.exe (Trojan.Agent) -> Nie wykonano akcji. D:\war\options.exe (Trojan.Agent) -> Nie wykonano akcji. D:\war\MissionEditor\MissionGen.exe (Trojan.Agent) -> Nie wykonano akcji. D:\war\rt\bin\unpack200.exe (Trojan.Agent) -> Nie wykonano akcji. c:\windows\syshost.exe (Trojan.Downloader) -> Nie wykonano akcji. c:\users\sklep\appdata\local\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji. c:\windows\serviceprofiles\localservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji. c:\windows\serviceprofiles\networkservice\appdata\local\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji. c:\windows\temp\syshost.exe (Spyware.Agent) -> Nie wykonano akcji. c:\windows\installer\{1bab117e-2744-3882-54be-2440349a0960}\syshost.exe (Trojan.Agent) -> Nie wykonano akcji. (zakończone)[/log]
Gość komentarz 23 grudnia 2012 komentarz 23 grudnia 2012 (edytowane) Wesołych Świąt 1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b] Wklej [code] :OTL IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...D-4C80933FA20E} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim....D-4C80933FA20E} IE - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...D-4C80933FA20E} FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.search.selectedEngine: "SweetIM Search" FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&barid={B8816DC0-4CF1-11E2-B55D-4C80933FA20E}&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "v9" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "v9" O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-3751716430-3808522729-3791616569-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe () O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk = File not found :Files C:\Users\sklep\AppData\Local\Temp\3582-490\SweetIM.exe C:\Program Files (x86)\SweetIM C:\ProgramData\SweetIM C:\Windows\svchost.com :Commands [emptytemp] [/code] Kliknij [b]Wykonaj skrypt[/b] [quote] O35:64bit: - HKLM\..exefile [open] -- [b]C:\Windows\svchost.com[/b] "%1" %* () O35 - HKLM\..exefile [open] -- [b]C:\Windows\svchost.com[/b] "%1" %* () O37:64bit: - HKLM\...exe [@ = exefile] -- [b]C:\Windows\svchost.com[/b] "%1" %* () O37 - HKLM\...exe [@ = exefile] -- [b]C:\Windows\svchost.com[/b] "%1" %* () [2012/12/23 13:50:43 | 000,000,052 | ---- | M] () -- [b]C:\Windows\directx.sys[/b] [2012/12/23 12:20:47 | 000,041,472 | ---- | M] () -- [b]C:\Windows\svchost.com[/b] [/quote]To oznaka paskudnego wirusa infekującego pliki wykonywalne neshta [quote] [2010/11/21 04:23:47 | 000,147,456 | ---- | M] () [b]Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\cdrom.sys [2009/07/14 01:00:13 | 000,006,656 | ---- | M] () [b]Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\beep.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] () [b]Unable to obtain MD5[/b] -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] () [b]Unable to obtain MD5 [/b]-- C:\Windows\SysNative\drivers\AGP440.sys [2012/11/25 12:41:49 | 000,076,216 | ---- | C] () -- C:\Windows\SysNative\drivers\[b]117afe766bdbd539.sys[/b] [/quote] To mi wyglada bardzo nie przyjemnie jakby system był zainfekowany necursem ale sterownika w wpisach nie widzę robisz tak: Skan [url="http://support.kaspersky.com/downloads/utils/tdsskiller.exe"]Kaspersky TDSS killer[/url] jeżeli wykryje ten sterownik który podkreśliłem na czerwono zostawiasz mu domyślną akcje powinna to być delete ale nie jestem pewien zezwolisz mu na dezynfekcje i podasz z tego log Wyskanujesz system skanerem [url="http://pc-com.pl/topic/8-poradnik-infekcje-w-plikach-wykonywalnych/#entry68"]Dr.Web cureIT[/url](pełne skany) tyle razy az nie wykryje zainfekowanego pliku (zarażone pliki maja być leczone a co się nie da usuwane) Podasz nowy log z [url="http://support.kaspersky.com/downloads/utils/tdsskiller.exe"]TDSS killer[/url](akcje ustawisz na skip) I nowy log z OTL
Gość komentarz 23 grudnia 2012 komentarz 23 grudnia 2012 tak wykonujesz skrypt po tym tdss killer i Dr.web do puki nie zwróci 0 zainfekowanych plików (oczywiście pełne skany) po tym nowy z tdss killera i OTL
pawel78963 komentarz 23 grudnia 2012 Autor komentarz 23 grudnia 2012 Może się coś stać jeśli wykonam sam skrypt bez wykonania skanów tdss killer itd.? Wolę być ostrożny to nie mój laptop.
Natsuki Kuga komentarz 23 grudnia 2012 komentarz 23 grudnia 2012 [quote name='pawel78963' timestamp='1356290774' post='1651688'] Może się coś stać jeśli wykonam sam skrypt bez wykonania skanów tdss killer itd.? Wolę być ostrożny to nie mój laptop. [/quote] Sam skrypt nie wyleczy infekcji plików wykonywalnych. Albo wykonasz wszystko albo nic.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.