maryjanek utworzono 26 grudnia 2012 utworzono 26 grudnia 2012 (edytowane) Witam, ostatnio na facebooku ludzie zaczli wysylac na tablice sobie napisy "patrz twoje foty *link*" pod linkiem, kryje sie plik, ktory sie pobiera, my mamy go na pulpicie, dajemy uruchom i magicznie plik znika z pulpitu i w procesach nic nie ma (a nazwa pliku to byla cos w stylu "yoursexphotos.exe"). Dzien jest spokoj, a nastepnego dnia, moj AVG wykrywa mi konia trojanskiego w pliku sacu.exe, wirus nazywal sie sheur4.axdt. Pobralem Kasperskiego, usunalem AVG, zainstalowalem Kasperskiego, zaktualizowalem go i potem sam wykryl wirusa, usunal go, komputer zalaczyl sie na nowo. Nastepnie przeskanowalem nim caly komputer i nic nie znalazl, wiec go usunalem i znowu zainstalowalem AVG, ale pomylilem sie i mam wersje testowa jeszcze przez 29 dni, zamiast zwyklej darmowej. Przeskanowalem komputer OTL tak jak pisano na forum, zalaczam logi: OTL.txt [log]OTL logfile created on: 2012-12-26 19:57:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 61,83% Memory free 4,00 Gb Paging File | 2,91 Gb Available in Paging File | 72,66% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,86 Gb Total Space | 6,04 Gb Free Space | 17,32% Space Free | Partition Type: NTFS Drive D: | 39,57 Gb Total Space | 12,56 Gb Free Space | 31,75% Space Free | Partition Type: NTFS Computer Name: WIN-KOMPUTER | User Name: Windows | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-12-26 18:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe PRC - [2012-12-25 19:42:38 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-11-06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgui.exe PRC - [2012-11-06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgidsagent.exe PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgwdsvc.exe PRC - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- D:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-12-26 18:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe MOD - [2012-11-14 03:48:26 | 012,320,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll MOD - [2012-11-14 03:14:59 | 009,738,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-11-14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-11-06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgui.exe MOD - [2012-11-06 00:11:52 | 002,606,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgkrnlapix.dll MOD - [2012-10-29 03:38:18 | 001,001,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgcfgx.dll MOD - [2012-10-22 13:04:38 | 002,024,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avguires.dll MOD - [2012-10-22 13:04:36 | 000,025,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgapps.dll MOD - [2012-10-22 13:04:16 | 000,797,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgsysx.dll MOD - [2012-10-22 13:04:12 | 000,862,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgntopensslx.dll MOD - [2012-10-22 13:04:10 | 000,311,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avglogx.dll MOD - [2012-10-22 13:04:10 | 000,177,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avglngx.dll MOD - [2012-10-22 13:04:08 | 000,481,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgcommx.dll MOD - [2012-10-22 13:04:08 | 000,403,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgdecider.dll MOD - [2012-10-22 13:04:04 | 000,348,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgidpmx.dll MOD - [2012-10-22 13:03:44 | 000,279,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgclitx.dll MOD - [2012-10-09 18:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2012-03-03 06:31:19 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-31 12:25:01 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-06-11 01:58:52 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100u.dll MOD - [2011-06-11 01:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll MOD - [2011-06-11 01:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll MOD - [2011-06-11 01:58:52 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-05-03 05:30:02 | 000,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\inetcomm.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2010-11-20 04:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 04:21:40 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-20 04:21:38 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 04:21:38 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 04:21:38 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll MOD - [2010-11-20 04:21:36 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 04:21:34 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 04:21:28 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll MOD - [2010-11-20 04:21:28 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\t2embed.dll MOD - [2010-11-20 04:21:28 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 04:21:26 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 04:21:20 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 04:21:16 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 04:21:16 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 04:21:06 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 04:21:04 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 04:21:04 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-20 04:20:58 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 04:20:50 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 04:20:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 04:20:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 04:19:46 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 04:19:24 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 04:18:38 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-20 04:18:26 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-20 04:18:26 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 04:18:24 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 04:18:04 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 04:18:04 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 04:16:52 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 04:08:58 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 04:08:52 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 04:08:52 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:15:46 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msoert2.dll MOD - [2009-07-14 02:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimtf.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-07-14 02:06:08 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\INETRES.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-12-25 19:42:38 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-11-06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-09-20 13:33:22 | 050,899,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programy\Microsoft Office 2010\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-06-11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-30 21:56:34 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-10-22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2012-10-15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:[b]64bit:[/b] - [2012-10-05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2012-10-02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-09-21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:[b]64bit:[/b] - [2012-09-21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:[b]64bit:[/b] - [2012-09-14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2012-06-11 10:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-12-29 13:17:55 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-12-01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:[b]64bit:[/b] - [2011-12-01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:[b]64bit:[/b] - [2011-11-15 04:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:[b]64bit:[/b] - [2011-07-08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-11-20 02:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010-08-12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-02-25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-07-29 04:47:00 | 001,075,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb) DRV - [2012-01-21 15:38:29 | 000,023,080 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD-WCAHL2555076&ts=1347112262"]http://www.v9.com/?u...6&ts=1347112262[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD-WCAHL2555076&ts=1347112262"]http://www.v9.com/?u...6&ts=1347112262[/url] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://www.bing.com/search?q=%7BsearchTerms%7D&FORM=IE8SRC"]http://www.bing.com/...ms}&FORM=IE8SRC[/url] IE - HKLM\..\SearchScopes\{B95BEC67-55A1-4549-B178-31626D0A5B8D}: "URL" = [url="http://startsear.ch/?aff=2&src=sp&cf=20fc24d1-ea20-11e1-9543-00241da4ea74&q=%7BsearchTerms%7D"]http://startsear.ch/...q={searchTerms}[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD-WCAHL2555076&ts=1347112262"]http://www.v9.com/?u...6&ts=1347112262[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD-WCAHL2555076&ts=1347112262"]http://www.v9.com/?u...6&ts=1347112262[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes,DefaultScope = {B95BEC67-55A1-4549-B178-31626D0A5B8D} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.v9.com/web/?q=%7BsearchTerms%7D"]http://search.v9.com...q={searchTerms}[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = [url="http://search.v9.com/web/?q=%7BsearchTerms%7D"]http://search.v9.com...q={searchTerms}[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{8CF4B1EF-207D-4F90-9C30-6B4A6A62AC7B}: "URL" = [url="http://www.google.com/search?hl=pl&q=%7BsearchTerms%7D"]http://www.google.co...q={searchTerms}[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{B95BEC67-55A1-4549-B178-31626D0A5B8D}: "URL" = [url="http://startsear.ch/?aff=2&src=sp&cf=20fc24d1-ea20-11e1-9543-00241da4ea74&q=%7BsearchTerms%7D"]http://startsear.ch/...q={searchTerms}[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{C55A7213-2DC5-49D5-93E7-76F4DA773C1C}: "URL" = [url="http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p=%7BsearchTerms%7D"]http://search.yahoo....p={searchTerms}[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{C68C8B56-22CC-4B7A-8BB3-5ACF9DF123DE}: "URL" = [url="http://websearch.ask.com/redirect?client=ie&tb=IMB&o=15785&src=kw&q=%7BsearchTerms%7D&locale=&apn_ptnrs=HQ&apn_dtid=YYYYYYYYPL&apn_uid=462787a4-407d-46ba-beab-8add975724f3&apn_sauid=10B7BCE9-3055-412D-A3F4-314027C0F8C3"]http://websearch.ask...F4-314027C0F8C3[/url] IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "error" FF - prefs.js..browser.search.order.1: "error" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl/firefox" FF - prefs.js..extensions.enabledAddons: %7Bc50ca3c4-5656-43c2-a061-13e717f73fc8%7D:4.2.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "error" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Programy\Java\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programy\Adobe Reader X\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Windows\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Windows\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Windows\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\Programy\Mozilla Firefox\components [2012-12-06 15:16:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2012-12-06 15:16:08 | 000,000,000 | ---D | M] [2012-04-10 10:17:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows\AppData\Roaming\mozilla\Extensions [2012-12-15 12:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows\AppData\Roaming\mozilla\Firefox\Profiles\ypbnexiu.default\extensions [2012-12-15 12:00:49 | 000,316,317 | ---- | M] () (No name found) -- C:\Users\Windows\AppData\Roaming\mozilla\firefox\profiles\ypbnexiu.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - homepage: [url="http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD-WCAHL2555076&ts=1347112262"]http://www.v9.com/?u...6&ts=1347112262[/url] CHR - default_search_provider: v9 (Enabled) CHR - default_search_provider: search_url = [url="http://search.v9.com/web/?q=%7BsearchTerms%7D"]http://search.v9.com...q={searchTerms}[/url] CHR - default_search_provider: suggest_url = , CHR - homepage: [url="http://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD-WCAHL2555076&ts=1347112262"]http://www.v9.com/?u...6&ts=1347112262[/url] CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Windows\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Windows\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Windows\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Enabled) = D:\Programy\Adobe Reader X\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Google Update (Enabled) = C:\Users\Windows\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: StartSearch Video plug-in = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\ CHR - Extension: YouTube = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: LiveVDO plugin = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\ CHR - Extension: Gmail = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programy\Java\bin\ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] D:\Programy\Microsoft Office 2010\Office14\BCSSync.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG_UI] D:\Programy\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000..\Run: [360Amigo] D:\Programy\360Amigo\360Amigo.exe (360 Amigo) O4 - HKU\S-1-5-21-3579618863-3005018423-1962738702-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-3579618863-3005018423-1962738702-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_30) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 10.9.2) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 10.9.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab"]http://fpdownload2.m...ent/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D268F165-161E-46FD-B7EB-1ECA4DBD1455}: DhcpNameServer = 192.168.1.1 0.0.0.0 O18 - Protocol\Handler\ms-help - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programy\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-12-26 19:47:55 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\AVG2013 [2012-12-26 19:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2012-12-26 19:46:48 | 000,000,000 | -H-D | C] -- C:\$AVG [2012-12-26 19:46:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2012-12-26 18:22:12 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\Avg2013 [2012-12-26 18:04:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe [2012-12-26 13:51:34 | 000,000,000 | ---D | C] -- C:\Users\Windows\Documents\FLiNGTrainer [2012-12-25 20:03:27 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\PunkBuster [2012-12-25 20:02:04 | 000,000,000 | ---D | C] -- C:\Users\Windows\Documents\Ubisoft [2012-12-25 19:27:56 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\Ubisoft [2012-12-19 18:28:45 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\Ubisoft Game Launcher [2012-12-19 18:25:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2012-12-17 20:09:43 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\SniperV2 [2012-12-17 20:09:09 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\SKIDROW [2012-12-17 16:25:55 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-12-09 15:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2012-11-28 20:48:21 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\TuneUp Software [2012-11-28 20:46:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012-11-28 20:46:35 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\MFAData [2012-11-28 20:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012-11-27 16:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-11-26 15:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS [2012-11-25 17:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012-11-25 17:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-11-25 17:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-11-25 17:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012-11-25 17:21:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-11-25 17:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2012-11-25 17:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012-11-25 17:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012-11-25 17:16:35 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW [2012-11-25 17:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012-11-25 17:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012-11-25 17:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-11-25 14:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2012-11-24 20:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LiveVDO plugin [2012-11-19 16:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-11-16 21:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink [2012-11-16 21:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft [2012-11-09 19:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader [2012-11-09 19:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader [2012-11-03 11:28:46 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\DMCache [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-12-26 19:49:54 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-12-26 19:49:54 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-12-26 19:42:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-12-26 19:27:20 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3579618863-3005018423-1962738702-1000UA.job [2012-12-26 18:35:38 | 001,662,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-12-26 18:35:38 | 000,737,730 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-12-26 18:35:38 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-12-26 18:35:38 | 000,154,418 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-12-26 18:35:38 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-12-26 18:08:32 | 000,012,904 | ---- | M] () -- C:\Users\Windows\Desktop\bookmarks-2012-12-26.json [2012-12-26 18:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe [2012-12-26 17:27:15 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3579618863-3005018423-1962738702-1000Core.job [2012-12-26 15:29:51 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-12-26 15:29:51 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-12-26 13:51:13 | 000,558,252 | ---- | M] () -- C:\Users\Windows\Desktop\Ghost Recon Future Soldier - trainer+12.rar [2012-12-26 13:09:58 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-12-25 20:01:55 | 000,000,665 | ---- | M] () -- C:\Users\Windows\Desktop\Future Soldier — skrót.lnk [2012-12-25 19:42:38 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-12-22 15:42:47 | 006,874,007 | ---- | M] () -- C:\Users\Windows\Desktop\Jingle Bells - Official 2012_2013 Techno Remix -.mp3 [2012-12-22 15:41:04 | 000,056,832 | ---- | M] () -- C:\Users\Windows\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-12-22 11:04:26 | 000,417,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-12-19 19:08:41 | 010,655,755 | ---- | M] () -- C:\Users\Windows\Desktop\Taio Cruz-Fast car (8 Barz Remix).mp3 [2012-12-19 18:57:00 | 006,497,437 | ---- | M] () -- C:\Users\Windows\Desktop\Michael Mind Project Feat. Dante Thomas - Nothing Lasts Forever (Radio Edit) (CDQ) ( 2o12 ).mp3 [2012-12-12 19:38:37 | 003,242,944 | ---- | M] () -- C:\Users\Windows\Desktop\DJ Antoine vs Mad Mark-Broadway (Da Brozz Remix).mp3 [2012-12-11 16:16:33 | 006,945,181 | ---- | M] () -- C:\Users\Windows\Desktop\Let's Go Project - Yeke Yeke ( Kuba S & Fisher Remix ).mp3 [2012-12-11 16:06:07 | 008,560,768 | ---- | M] () -- C:\Users\Windows\Desktop\Kalwi & Remi feat. Nadia Gattas - Africa (Radio Edit) (www.djoles.pl).mp3 [2012-12-11 16:04:27 | 005,601,181 | ---- | M] () -- C:\Users\Windows\Desktop\Tacabro - ASI ASI (Original Mix) HD.mp3 [2012-12-02 20:26:58 | 007,803,504 | ---- | M] () -- C:\Users\Windows\Desktop\Avicii-Last Dance.mp3 [2012-12-02 20:24:54 | 008,613,137 | ---- | M] () -- C:\Users\Windows\Desktop\Cascada-The rhythm of the night (Cardinal Edit).mp3 [2012-12-02 20:22:23 | 007,490,971 | ---- | M] () -- C:\Users\Windows\Desktop\Glamrock Brothers-Push the feeling on 2k12.mp3 [2012-12-02 20:20:45 | 007,551,627 | ---- | M] () -- C:\Users\Windows\Desktop\Tiesto ft. Allure-Pair of dice.mp3 [2012-12-01 16:08:49 | 008,403,068 | ---- | M] () -- C:\Users\Windows\Desktop\GrooveBusterz ft. Slayback-U&I.mp3 [2012-11-28 20:41:44 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2012-11-27 19:39:18 | 006,855,660 | ---- | M] () -- C:\Users\Windows\Desktop\Remady & Manu-Higher ground.mp3 [2012-11-23 16:31:30 | 000,007,597 | ---- | M] () -- C:\Users\Windows\AppData\Local\Resmon.ResmonCfg [2012-11-17 12:30:06 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib [2012-11-16 21:08:00 | 000,000,391 | ---- | M] () -- C:\Users\Windows\AppData\Roaming\burnaware.ini [2012-11-09 20:07:18 | 003,338,325 | ---- | M] () -- C:\Users\Windows\Desktop\Darius & Finlay ft. Carlprit-Do it all night.mp3 [2012-11-09 20:05:21 | 007,951,476 | ---- | M] () -- C:\Users\Windows\Desktop\Danceboy vs. Cary August-Drive by (Thomas Remix).mp3 [2012-11-09 19:54:59 | 008,193,181 | ---- | M] () -- C:\Users\Windows\Desktop\Daisy Hicks-Electric love.mp3 [2012-11-09 19:46:14 | 008,050,385 | ---- | M] () -- C:\Users\Windows\Desktop\Manuel Lauren-DJ Aflame.mp3 [2012-11-09 19:43:42 | 003,278,264 | ---- | M] () -- C:\Users\Windows\Desktop\Heads Will Roll-Yeah 3X (A-Trak Remix).mp3 [2012-11-09 19:36:17 | 008,070,877 | ---- | M] () -- C:\Users\Windows\Desktop\Remady & Manu ft. Amanda Wilson-Doing it right.mp3 [2012-11-09 19:27:43 | 009,412,233 | ---- | M] () -- C:\Users\Windows\Desktop\Carlprit-Fiesta (Michael Mind Project Edit).mp3 [2012-11-09 19:24:27 | 008,252,987 | ---- | M] () -- C:\Users\Windows\Desktop\Alexandra Shine-Play that game (Stephan F Remix).mp3 [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-26 18:08:32 | 000,012,904 | ---- | C] () -- C:\Users\Windows\Desktop\bookmarks-2012-12-26.json [2012-12-26 13:51:12 | 000,558,252 | ---- | C] () -- C:\Users\Windows\Desktop\Ghost Recon Future Soldier - trainer+12.rar [2012-12-25 20:03:32 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-12-25 20:01:55 | 000,000,665 | ---- | C] () -- C:\Users\Windows\Desktop\Future Soldier — skrót.lnk [2012-12-25 19:19:11 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-12-25 19:19:11 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-12-25 19:19:09 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-12-22 15:42:27 | 006,874,007 | ---- | C] () -- C:\Users\Windows\Desktop\Jingle Bells - Official 2012_2013 Techno Remix -.mp3 [2012-12-19 19:08:09 | 010,655,755 | ---- | C] () -- C:\Users\Windows\Desktop\Taio Cruz-Fast car (8 Barz Remix).mp3 [2012-12-19 18:56:45 | 006,497,437 | ---- | C] () -- C:\Users\Windows\Desktop\Michael Mind Project Feat. Dante Thomas - Nothing Lasts Forever (Radio Edit) (CDQ) ( 2o12 ).mp3 [2012-12-12 19:38:36 | 003,242,944 | ---- | C] () -- C:\Users\Windows\Desktop\DJ Antoine vs Mad Mark-Broadway (Da Brozz Remix).mp3 [2012-12-11 16:16:19 | 006,945,181 | ---- | C] () -- C:\Users\Windows\Desktop\Let's Go Project - Yeke Yeke ( Kuba S & Fisher Remix ).mp3 [2012-12-11 16:06:02 | 008,560,768 | ---- | C] () -- C:\Users\Windows\Desktop\Kalwi & Remi feat. Nadia Gattas - Africa (Radio Edit) (www.djoles.pl).mp3 [2012-12-11 16:04:15 | 005,601,181 | ---- | C] () -- C:\Users\Windows\Desktop\Tacabro - ASI ASI (Original Mix) HD.mp3 [2012-12-02 20:26:58 | 007,803,504 | ---- | C] () -- C:\Users\Windows\Desktop\Avicii-Last Dance.mp3 [2012-12-02 20:24:53 | 008,613,137 | ---- | C] () -- C:\Users\Windows\Desktop\Cascada-The rhythm of the night (Cardinal Edit).mp3 [2012-12-02 20:22:23 | 007,490,971 | ---- | C] () -- C:\Users\Windows\Desktop\Glamrock Brothers-Push the feeling on 2k12.mp3 [2012-12-02 20:20:38 | 007,551,627 | ---- | C] () -- C:\Users\Windows\Desktop\Tiesto ft. Allure-Pair of dice.mp3 [2012-12-01 16:08:38 | 008,403,068 | ---- | C] () -- C:\Users\Windows\Desktop\GrooveBusterz ft. Slayback-U&I.mp3 [2012-11-27 19:39:06 | 006,855,660 | ---- | C] () -- C:\Users\Windows\Desktop\Remady & Manu-Higher ground.mp3 [2012-11-23 16:31:30 | 000,007,597 | ---- | C] () -- C:\Users\Windows\AppData\Local\Resmon.ResmonCfg [2012-11-17 11:50:19 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-11-17 11:33:01 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-11-16 21:35:04 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2012-11-09 20:07:18 | 003,338,325 | ---- | C] () -- C:\Users\Windows\Desktop\Darius & Finlay ft. Carlprit-Do it all night.mp3 [2012-11-09 20:05:20 | 007,951,476 | ---- | C] () -- C:\Users\Windows\Desktop\Danceboy vs. Cary August-Drive by (Thomas Remix).mp3 [2012-11-09 19:54:41 | 008,193,181 | ---- | C] () -- C:\Users\Windows\Desktop\Daisy Hicks-Electric love.mp3 [2012-11-09 19:46:13 | 008,050,385 | ---- | C] () -- C:\Users\Windows\Desktop\Manuel Lauren-DJ Aflame.mp3 [2012-11-09 19:43:15 | 003,278,264 | ---- | C] () -- C:\Users\Windows\Desktop\Heads Will Roll-Yeah 3X (A-Trak Remix).mp3 [2012-11-09 19:36:15 | 008,070,877 | ---- | C] () -- C:\Users\Windows\Desktop\Remady & Manu ft. Amanda Wilson-Doing it right.mp3 [2012-11-09 19:27:42 | 009,412,233 | ---- | C] () -- C:\Users\Windows\Desktop\Carlprit-Fiesta (Michael Mind Project Edit).mp3 [2012-11-09 19:24:20 | 008,252,987 | ---- | C] () -- C:\Users\Windows\Desktop\Alexandra Shine-Play that game (Stephan F Remix).mp3 [2012-08-14 15:04:18 | 000,000,391 | ---- | C] () -- C:\Users\Windows\AppData\Roaming\burnaware.ini [2012-07-27 10:13:54 | 000,001,758 | ---- | C] () -- C:\Users\Windows\AppData\Local\recently-used.xbel [2012-07-01 10:51:01 | 000,000,001 | ---- | C] () -- C:\Users\Windows\AppData\Local\llftool.4.12.agreement [2012-06-21 09:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012-01-30 21:56:59 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2012-01-29 19:10:49 | 000,001,749 | ---- | C] () -- C:\Users\Windows\AppData\Roaming\System Monitor II_CPU0_Settings.ini [2012-01-29 11:13:12 | 000,056,832 | ---- | C] () -- C:\Users\Windows\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-12-29 13:04:08 | 001,637,758 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-12-28 22:35:01 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-12-09 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2012-12-09 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [2012-12-17 16:18:32 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\AIMP3 [2012-02-07 19:13:57 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\AnvSoft [2012-12-26 19:47:55 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\AVG2013 [2012-12-25 18:47:04 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Azureus [2012-05-14 19:36:44 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Canneverbe Limited [2012-01-14 13:36:49 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\ChomikBox [2012-02-11 10:53:16 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\DAEMON Tools Lite [2012-11-03 11:36:51 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\DMCache [2012-08-14 15:00:58 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\DVDVideoSoft [2011-12-29 17:57:22 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Gadu-Gadu 10 [2012-05-06 15:49:01 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\gtk-2.0 [2012-01-05 20:00:07 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\IObit [2012-02-18 15:07:34 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\ipla [2012-09-28 18:20:16 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Nokia [2012-10-24 16:15:40 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Notepad++ [2012-09-14 12:52:21 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Origin [2012-09-28 18:20:19 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\PC Suite [2012-02-11 16:01:56 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Samsung [2012-01-04 17:06:57 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Software Informer [2012-11-28 20:48:21 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\TuneUp Software [2012-12-25 19:27:56 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Ubisoft [2012-08-31 18:00:14 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Unity [2012-03-14 20:20:13 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\wargaming.net [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-12-28 22:38:21 | 000,000,086 | ---- | M] () -- C:\CSB.LOG [2012-12-26 19:42:08 | 2147,016,704 | -HS- | M] () -- C:\pagefile.sys [2011-12-28 22:36:11 | 000,001,705 | ---- | M] () -- C:\RHDSetup.log [2011-12-28 22:41:32 | 000,000,159 | ---- | M] () -- C:\Setup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010-11-20 05:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 934759 bytes -> C:\Windows\Temp:temp < End of report > [/log] Extras.txt [log]OTL Extras logfile created on: 2012-12-26 19:57:35 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 61,83% Memory free 4,00 Gb Paging File | 2,91 Gb Available in Paging File | 72,66% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,86 Gb Total Space | 6,04 Gb Free Space | 17,32% Space Free | Partition Type: NTFS Drive D: | 39,57 Gb Total Space | 12,56 Gb Free Space | 31,75% Space Free | Partition Type: NTFS Computer Name: WIN-KOMPUTER | User Name: Windows | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "D:\Programy\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "D:\Programy\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1B58B30D-AE43-47E4-920C-AF73250BA60B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{485345C1-E635-4F61-B35F-B1F91063A5E0}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{4D8B0E83-07D7-4D5C-A41B-3700324EA3D4}" = lport=2869 | protocol=6 | dir=in | app=system | "{7673180C-EC1C-4649-A6E8-43E75511C956}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7E8AFCCD-A52E-451C-A3FF-61020AEF2958}" = lport=445 | protocol=6 | dir=in | app=system | "{86BC8BC8-10B0-4650-AEE0-6A67FC30C051}" = rport=137 | protocol=17 | dir=out | app=system | "{8701CD4E-10E7-4669-B5E7-2D7E8403E197}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{873529DB-A158-4AA8-88A1-5CD8AF50CE5D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{89F6E98A-2EDF-4061-887F-035BCA7B6F36}" = lport=10243 | protocol=6 | dir=in | app=system | "{93DE1E68-272F-4E19-AEF5-3D14483DA7AE}" = lport=139 | protocol=6 | dir=in | app=system | "{968E8DAE-40FE-4D28-ADFC-E58F43A86BBA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{993866C3-8E14-4A36-834E-3345AB6548BB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9C5934D9-CEF0-4155-9B51-E0F94FBF85A3}" = lport=137 | protocol=17 | dir=in | app=system | "{B4556A28-3F30-4A31-B3C5-436E5C44FB54}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BA927290-31FE-4417-BCA1-378A08B38949}" = lport=138 | protocol=17 | dir=in | app=system | "{C43D4073-6AED-4AD3-A9EC-63303CCE37A2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C4E4091D-0BDD-40C5-BD7D-609DCA864EEC}" = rport=138 | protocol=17 | dir=out | app=system | "{C5818950-8738-47C1-8A79-4F545EAD13CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DE8D8188-2584-40B3-AB95-EBA45CE5199A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E4B1A8BC-B654-4F1F-BA44-6B3CBBE23522}" = rport=445 | protocol=6 | dir=out | app=system | "{E69321B8-8608-4CDB-A2D4-A4478ECDE5AE}" = rport=10243 | protocol=6 | dir=out | app=system | "{F26AE1E7-E419-4204-81A6-6F4749987B1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F406CC56-3001-411A-B971-2204BB786619}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F5EAA343-3439-4C70-A27A-2ED93B8007FA}" = lport=6004 | protocol=17 | dir=in | app=d:\programy\microsoft office 2010\office14\outlook.exe | "{FA97726E-4BC4-4F64-81F2-8BDFB96CA564}" = rport=139 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05EEAE13-FE0C-4D80-8ECF-D51B4FC92502}" = protocol=17 | dir=in | app=d:\programy\microsoft office 2010\office14\groove.exe | "{0EFC5BA5-B7F2-47DD-8500-2721D2C6F7DF}" = protocol=17 | dir=in | app=d:\programy\dirt3\dirt3_game.exe | "{1153C67F-B618-4A59-829C-7C51B8DEB317}" = dir=in | app=d:\programy\farming simulator 2013\farmingsimulator2013.exe | "{12D6AFA4-7E9D-42E8-8455-85A798ACFC2E}" = protocol=6 | dir=in | app=d:\programy\tcgrfs\gu.exe | "{15985078-FA8F-48FF-8621-3433BA2A0DCB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{19E8E0CB-0021-490E-A5D5-B39A64D8C0A5}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgemca.exe | "{1CC7AEF0-BEC6-48F3-8DF7-FEE5BEAC78AB}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgnsa.exe | "{22EBC8EC-ABC6-41C5-8151-C8CFD967C54F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{23363D4A-B749-4486-A3B6-456AC958A29C}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgemca.exe | "{26317EF4-07A8-4283-B9A3-76EF034B9A11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2932CEB0-4ADD-4329-9372-D1B488D85644}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{29BC1492-E2AA-4DB2-9859-30200F273AF0}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgnsa.exe | "{2B1F9362-630E-4BB1-B009-E465BE34EC92}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{38868B53-3062-430B-A91A-6AC5AD65DD81}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3C3FA538-0C20-4F5E-BEB1-A2C65A5318D9}" = protocol=6 | dir=in | app=d:\programy\microsoft office 2010\office14\onenote.exe | "{3FEC4A37-977B-4747-A66E-20CBF05A8D77}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgdiagex.exe | "{42A01063-C2A8-45A7-A204-FBFB6C759524}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{449BEFB2-A034-49B2-A442-FCC79C7A532E}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgnsa.exe | "{450CE431-02D3-45D1-AAB8-43500554ACA7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{51B57335-E539-46CC-886A-D5DF89C6B3F5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{583FE73C-3111-4618-83F7-1CFC8A94B28D}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgdiagex.exe | "{5B1B37BE-E299-4FBF-B37D-23171481A61A}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgdiagex.exe | "{5C22613D-A343-431F-8CA2-4D56FA7494CF}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{644AB586-B4A2-43CA-A290-C5F69B1120B9}" = protocol=17 | dir=in | app=d:\programy\tcgrfs\gu.exe | "{64B3C067-7FE1-49C5-8E78-3542C7B2D4B7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{69516F2E-EB31-4883-8E60-54BA5BF276D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6AB0471D-DA85-4AC9-94FB-0611E459DE6F}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgmfapx.exe | "{6E0F7189-FAAF-4E8D-9182-09B350951146}" = dir=in | app=d:\programy\farming simulator 2013\farmingsimulator2013game.exe | "{71BE0437-1B7F-4D66-B49D-57D1EF023DD1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{761603E0-1E37-4311-B1E6-62E8E7A8B367}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgnsa.exe | "{7667657E-3148-4137-938D-DD12E67D7C58}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{7D177032-CC1C-412C-9AB1-8D69FFB7266F}" = protocol=6 | dir=in | app=d:\programy\dirt3\dirt3_game.exe | "{7EF41F8D-377D-440A-B485-8F31DACB6841}" = protocol=17 | dir=in | app=d:\programy\samsung\npsasvr.exe | "{7F2638D6-84F2-46DE-B447-3CC574C451EB}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgmfapx.exe | "{8374DBE9-0851-4F42-9BA0-7068A9B7BCC1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8572029A-7F53-4664-95EC-9C590AC00718}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgemca.exe | "{85C87A1B-F96A-4BE6-9BB4-934605212D5B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{87265B3E-DE3B-49D0-A2AA-0D2DF5D4123C}" = protocol=6 | dir=out | app=system | "{8F31CBBD-2F0C-492C-872F-1E5BE3768C62}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{955ACBB1-6C71-4F2F-8805-5423756E2710}" = protocol=6 | dir=in | app=d:\programy\samsung\npsvsvr.exe | "{97C4E202-792C-4A3E-838C-6601F4715ED0}" = protocol=17 | dir=in | app=d:\programy\microsoft office 2010\office14\onenote.exe | "{9C3F6985-74AA-4BD5-9952-C680C31A4AB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A172684F-C023-42D3-ABDD-7634853C1EA4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A7BB55E5-7DD5-4537-9402-0DBE025D8ACB}" = protocol=6 | dir=in | app=d:\programy\microsoft office 2010\office14\groove.exe | "{A7FBAF00-CC17-47C2-A9EC-2135A45292D0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AC98D7C2-73A1-457D-8445-AA6DE5A0B743}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B37FF819-4381-4EDB-BC5F-9242ABD5E5F5}" = protocol=17 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "{C0E81159-7BD1-4ACF-8154-C4ACAE12A25D}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgmfapx.exe | "{C26EFA35-8FEA-42EE-AD9E-A4848CBBA22A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D0D14AB8-8AFC-4802-A77D-A098CA4ABC38}" = protocol=6 | dir=in | app=d:\programy\samsung\npsasvr.exe | "{D0E1E5D4-EA34-4C9A-8709-AE4CB8A0C955}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D6B53311-2EE6-47B0-931D-D754CE073533}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgmfapx.exe | "{D6CCAF28-90E6-4F04-A54E-81AC50D2F614}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{D86D1A50-F0F7-4E00-BFE5-D44A62A26C19}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgemca.exe | "{D8D32165-4686-471A-8CE8-CE623F3DB2CF}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgdiagex.exe | "{DF962BA5-18DB-47BE-AE0C-9C524BD86C2E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E38E0CD1-975C-460B-8737-D9F1544FC622}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E3C6F384-369F-4E7F-ADA0-C018D165DC3A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{E8815790-5741-42B9-B360-6209186603FE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{EA8F167C-4450-4426-BD75-B3CFD451146B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{F15C1779-6CE4-416D-82C0-B5022D15A025}" = protocol=6 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "{FD2C91E9-35C1-4A37-B93C-87AAC1CD1DF0}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{FE10876B-B543-434D-9116-BF6F0DBD47C8}" = protocol=17 | dir=in | app=d:\programy\samsung\npsvsvr.exe | "TCP Query User{2FC4CFAE-F671-4058-8976-83D1BE85F194}C:\windows\syswow64\svchost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe | "TCP Query User{59B12F2A-CB70-42D3-9E9C-6420424F4EA3}D:\programy\fifa 13\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=d:\programy\fifa 13\fifa 13\game\fifa13.exe | "TCP Query User{62B34BF1-98F3-4583-9510-DC2363245C14}D:\programy\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "TCP Query User{8429DAA4-B25F-411C-800B-4BC8EA496869}D:\programy\tcgrfs\future soldier.exe" = protocol=6 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "TCP Query User{B325D97E-DAFD-4B88-92FC-BFAAB242047C}D:\programy\vuze\azureus.exe" = protocol=6 | dir=in | app=d:\programy\vuze\azureus.exe | "TCP Query User{D04C1F2D-F11D-4FF7-8E82-D32100804A45}D:\programy\resident evil\raccooncity.exe" = protocol=6 | dir=in | app=d:\programy\resident evil\raccooncity.exe | "UDP Query User{0333F9CC-946F-4B6F-A38A-A03D4098E8F0}D:\programy\tcgrfs\future soldier.exe" = protocol=17 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "UDP Query User{0C785F67-782C-4597-B83E-E2896F5EE584}C:\windows\syswow64\svchost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe | "UDP Query User{0D0D2EC5-2EE2-4BD2-B3B8-E5129D32680E}D:\programy\vuze\azureus.exe" = protocol=17 | dir=in | app=d:\programy\vuze\azureus.exe | "UDP Query User{11996270-FA3D-45A7-81B5-C40833829705}D:\programy\fifa 13\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=d:\programy\fifa 13\fifa 13\game\fifa13.exe | "UDP Query User{2B256038-452E-4B67-A91C-09AD3658AC0A}D:\programy\resident evil\raccooncity.exe" = protocol=17 | dir=in | app=d:\programy\resident evil\raccooncity.exe | "UDP Query User{3E78360F-EB52-4A6B-B523-F7649A6FB7E9}D:\programy\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java™ 6 Update 30 (64-bit) "{73105254-4936-47AC-ACDE-08D11D25E3DB}" = AVG 2013 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0015-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-001F-0415-1000-0000000FF1CE}_Office14.PROPLUS_{329A3D98-9583-4B84-B18B-498E7AB65C43}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}_Office14.PROPLUS_{BFEB53FA-3044-47FD-BB50-9DCBBEED79EF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0043-0415-1000-0000000FF1CE}_Office14.PROPLUS_{FF5F6090-64DF-4BF6-BADD-71A64FDA70D2}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}_Office14.PROPLUS_{3A96ABFF-5202-47B1-B5A2-DDE76563AF61}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{AAD6E537-3EFC-4ECB-825D-C17094DB5076}" = HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B9D80BD8-C6F4-467C-9717-0ABA9684DA29}" = AVG 2013 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "AVG" = AVG 2013 "KLiteCodecPack64_is1" = K-Lite Codec Pack 5.5.0 (64-bit) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java™ 6 Update 30 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution "{6D87CAD9-9B94-4421-A439-B25F8DE14575}" = Tom Clancy's Ghost Recon Future Soldier "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Pomoc "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Polish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox tp "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "360Amigo" = 360 Amigo System Speedup PRO "3643efd4" = Contextual Tool Extrafind "8461-7759-5462-8226" = Vuze "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "AIMP3" = AIMP3 "BurnAware Free_is1" = BurnAware Free 5.1 "DAEMON Tools Lite" = DAEMON Tools Lite "Gadu-Gadu 10" = Gadu-Gadu 10 "IrfanView" = IrfanView (remove only) "LiveVDO" = LiveVDO "LiveVDO plugin" = LiveVDO plugin 1.3 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000 "Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl) "Notepad++" = Notepad++ "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PowerISO" = PowerISO "PunkBusterSvc" = PunkBuster Services "StartSearch Toolbar" = StartSearch Toolbar 1.3 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-12-20 10:26:01 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-20 11:05:11 | Computer Name = Win-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Programy\Nokia Suite\Nokia PC Suite 7\TIS_Windows7PIM.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-12-21 06:51:33 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-21 12:34:17 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-22 07:36:04 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-22 14:01:15 | Computer Name = Win-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: firefox.exe, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b71a4b Nazwa modułu powodującego błąd: xul.dll, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b7198b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00144ed8 Identyfikator procesu powodującego błąd: 0x8c0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cde066b86d8278 Ścieżka aplikacji powodującej błąd: D:\Programy\Mozilla Firefox\firefox.exe Ścieżka modułu powodującego błąd: D:\Programy\Mozilla Firefox\xul.dll Identyfikator raportu: 9347d428-4c61-11e2-83a3-9e0e79b4eb99 Error - 2012-12-24 07:38:26 | Computer Name = Win-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Programy\Nokia Suite\Nokia PC Suite 7\TIS_Windows7PIM.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-12-24 16:16:59 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-25 11:07:03 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-25 15:35:50 | Computer Name = Win-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Future Soldier.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fc7852e Nazwa modułu powodującego błąd: Future Soldier.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fc7852e Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x00444e6a Identyfikator procesu powodującego błąd: 0x4c4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cde2d2800fb324 Ścieżka aplikacji powodującej błąd: D:\Programy\TCGRFS\Future Soldier.exe Ścieżka modułu powodującego błąd: D:\Programy\TCGRFS\Future Soldier.exe Identyfikator raportu: 494bdad4-4eca-11e2-b709-ba4fb73feba5 Error - 2012-12-26 14:38:34 | Computer Name = Win-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: firefox.exe, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b71a4b Nazwa modułu powodującego błąd: xul.dll, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b7198b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00144ed8 Identyfikator procesu powodującego błąd: 0xedc Godzina uruchomienia aplikacji powodującej błąd: 0x01cde39595ea87a0 Ścieżka aplikacji powodującej błąd: D:\Programy\Mozilla Firefox\firefox.exe Ścieżka modułu powodującego błąd: D:\Programy\Mozilla Firefox\xul.dll Identyfikator raportu: 73ec0400-4f8b-11e2-a27f-bb60148493d1 [ System Events ] Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:03 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:03 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. < End of report > [/log]
wirusolog komentarz 26 grudnia 2012 komentarz 26 grudnia 2012 [b]1.[/b] Uruchom OTL i w sekcji [b]Własne opcje skanowania / skrypt[/b] wklej: [quote]:OTL @Alternate Data Stream - 934759 bytes -> C:\Windows\Temp:temp IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...6&ts=1347112262 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?u...6&ts=1347112262 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{B95BEC67-55A1-4549-B178-31626D0A5B8D}: "URL" = http://startsear.ch/...q={searchTerms} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?u...6&ts=1347112262 IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?u...6&ts=1347112262 IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes,DefaultScope = {B95BEC67-55A1-4549-B178-31626D0A5B8D} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com...q={searchTerms} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com...q={searchTerms} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{8CF4B1EF-207D-4F90-9C30-6B4A6A62AC7B}: "URL" = http://www.google.co...q={searchTerms} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{B95BEC67-55A1-4549-B178-31626D0A5B8D}: "URL" = http://startsear.ch/...q={searchTerms} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{C55A7213-2DC5-49D5-93E7-76F4DA773C1C}: "URL" = http://search.yahoo....p={searchTerms} IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes\{C68C8B56-22CC-4B7A-8BB3-5ACF9DF123DE}: "URL" = http://websearch.ask...F4-314027C0F8C3 FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "error" FF - prefs.js..browser.search.order.1: "error" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811" FF - prefs.js..keyword.URL: "error" FF - user.js - File not found CHR - homepage: http://www.v9.com/?u...6&ts=1347112262 CHR - default_search_provider: v9 (Enabled) CHR - default_search_provider: search_url = http://search.v9.com...q={searchTerms} CHR - default_search_provider: suggest_url = , CHR - homepage: http://www.v9.com/?u...6&ts=1347112262 FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-3579618863-3005018423-1962738702-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found :Files C:\Windows\tasks\*.job :Commands [emptytemp][/quote] Klik w [b]Wykonaj skrypt[/b]. System zostanie zrestartowany. [b]2.[/b] Uruchom [url=http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/2-adwcleaner][color=#1072E0][b]AdwCleaner[/b][/color][/url] i zastosuj [b]Delete[/b]. Na dysku C powstanie log z usuwania. [b]3.[/b] Zrób nowy log OTL z opcji [b]Skanuj[/b]. Dołącz raport z usuwania OTLem + raport z czyszczenia z AdwCleaner i nowy komplet logów z OTL.
maryjanek komentarz 27 grudnia 2012 Autor komentarz 27 grudnia 2012 [b]1.[/b] 12272012_133059.txt [log]All processes killed ========== OTL ========== ADS C:\Windows\Temp:temp deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B95BEC67-55A1-4549-B178-31626D0A5B8D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B95BEC67-55A1-4549-B178-31626D0A5B8D}\ not found. HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully! HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully. HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found. Registry key HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8CF4B1EF-207D-4F90-9C30-6B4A6A62AC7B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8CF4B1EF-207D-4F90-9C30-6B4A6A62AC7B}\ not found. Registry key HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B95BEC67-55A1-4549-B178-31626D0A5B8D}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B95BEC67-55A1-4549-B178-31626D0A5B8D}\ not found. Registry key HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C55A7213-2DC5-49D5-93E7-76F4DA773C1C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55A7213-2DC5-49D5-93E7-76F4DA773C1C}\ not found. Registry key HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C68C8B56-22CC-4B7A-8BB3-5ACF9DF123DE}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C68C8B56-22CC-4B7A-8BB3-5ACF9DF123DE}\ not found. Prefs.js: "Web Search" removed from browser.search.defaultengine Prefs.js: "error" removed from browser.search.defaultenginename Prefs.js: "error" removed from browser.search.order.1 Prefs.js: "chr-greentree_ff&ilc=12&type=937811" removed from browser.search.param.yahoo-fr Prefs.js: "error" removed from keyword.URL Use Chrome's Settings page to change the HomePage. Use Chrome's Settings page to remove the default_search_provider items. Use Chrome's Settings page to remove the default_search_provider items. Use Chrome's Settings page to remove the default_search_provider items. Use Chrome's Settings page to change the HomePage. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\ubisoft.com/uplaypc\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. ========== FILES ========== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3579618863-3005018423-1962738702-1000Core.job moved successfully. C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3579618863-3005018423-1962738702-1000UA.job moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Windows ->Temp folder emptied: 20205628 bytes ->Temporary Internet Files folder emptied: 478090 bytes ->Java cache emptied: 98646902 bytes ->FireFox cache emptied: 435328589 bytes ->Google Chrome cache emptied: 5999218 bytes ->Flash cache emptied: 8391 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 2623090 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 537,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 12272012_133059 Files\Folders moved on Reboot... C:\Users\Windows\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...[/log] [b]2.[/b] AdwCleaner[S1] [log]# AdwCleaner v2.103 - Log utworzony 27/12/2012 o 13:38:25 # Aktualizacja 25/12/2012 przez Xplode # System operacyjny : Windows 7 Ultimate Service Pack 1 (64 bits) # Użytkownik : Windows - WIN-KOMPUTER # Tryb uruchomienia : Normalny # Ścieżka : C:\Users\Windows\Desktop\adwcleaner.exe # Opcja [Usuń] ***** [Usługi] ***** ***** [Pliki / Foldery] ***** Folder Usunięto : C:\Program Files (x86)\StartSearch plugin Folder Usunięto : C:\ProgramData\InstallMate Folder Usunięto : C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp Folder Usunięto : C:\Users\Windows\AppData\Local\TempDir Folder Usunięto : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar Plik Usunięto : C:\Users\Windows\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url ***** [Rejestr] ***** Klucz Usunięto : HKCU\Software\APN PIP Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Klucz Usunięto : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Klucz Usunięto : HKCU\Software\Softonic Klucz Usunięto : HKCU\Software\StartSearch Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Klucz Usunięto : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Klucz Usunięto : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Klucz Usunięto : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A} Klucz Usunięto : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Klucz Usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31} Klucz Usunięto : HKLM\Software\PIP Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183} Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31} Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin Klucz Usunięto : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\startsearch Toolbar Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Klucz Usunięto : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} ***** [Przeglądarki Internetowe] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Rejestr w porządku. -\\ Mozilla Firefox v17.0.1 (pl) Plik : C:\Users\Windows\AppData\Roaming\Mozilla\Firefox\Profiles\ypbnexiu.default\prefs.js Usunięto : user_pref("extensions.504cc4a0cd55b.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...] Usunięto : user_pref("extensions.quickstores@quickstores.de.install-event-fired", true); -\\ Google Chrome v23.0.1271.97 Plik : C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Preferences Usunięto [l.11] : homepage = "hxxp://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD[...] Usunięto [l.15] : urls_to_restore_on_startup = [ "hxxp://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&ui[...] Usunięto [l.55] : keyword = "v9.com", Usunięto [l.58] : search_url = "hxxp://search.v9.com/web/?q={searchTerms}", Usunięto [l.1619] : homepage = "hxxp://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=WDC_WD800BB-00DKA0_WD-WC[...] Usunięto [l.1971] : urls_to_restore_on_startup = [ "hxxp://www.v9.com/?utm_source=b&utm_medium=vlt&from=vlt&uid=W[...] ************************* AdwCleaner[S1].txt - [4747 octets] - [27/12/2012 13:38:25] ########## EOF - C:\AdwCleaner[S1].txt - [4807 octets] ##########[/log] [b]3.[/b] OTL.txt [log]OTL logfile created on: 2012-12-27 13:43:56 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,48% Memory free 4,00 Gb Paging File | 2,80 Gb Available in Paging File | 69,93% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,86 Gb Total Space | 6,56 Gb Free Space | 18,81% Space Free | Partition Type: NTFS Drive D: | 39,57 Gb Total Space | 12,70 Gb Free Space | 32,09% Space Free | Partition Type: NTFS Computer Name: WIN-KOMPUTER | User Name: Windows | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-12-26 18:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe PRC - [2012-12-25 19:42:38 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012-11-06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgui.exe PRC - [2012-11-06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgidsagent.exe PRC - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgwdsvc.exe PRC - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- D:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2012-03-30 20:17:23 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\Windows\AppData\Local\Google\Update\GoogleUpdate.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-12-26 18:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe MOD - [2012-11-14 02:57:44 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2012-11-14 02:57:37 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2012-11-14 02:46:38 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2012-11-06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgui.exe MOD - [2012-11-06 00:11:52 | 002,606,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgkrnlapix.dll MOD - [2012-10-29 03:38:18 | 001,001,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgcfgx.dll MOD - [2012-10-22 13:04:38 | 002,024,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avguires.dll MOD - [2012-10-22 13:04:36 | 000,025,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgapps.dll MOD - [2012-10-22 13:04:16 | 000,797,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgsysx.dll MOD - [2012-10-22 13:04:12 | 000,862,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgntopensslx.dll MOD - [2012-10-22 13:04:10 | 000,311,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avglogx.dll MOD - [2012-10-22 13:04:10 | 000,177,272 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avglngx.dll MOD - [2012-10-22 13:04:08 | 000,481,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgcommx.dll MOD - [2012-10-22 13:04:04 | 000,348,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgidpmx.dll MOD - [2012-10-22 13:03:44 | 000,279,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Programy\AVG2013\avgclitx.dll MOD - [2012-10-04 17:47:41 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2012-10-04 17:47:40 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2012-09-08 16:22:22 | 000,834,000 | ---- | M] (Google Inc.) -- C:\Users\Windows\AppData\Local\Google\Update\1.3.21.123\goopdate.dll MOD - [2012-08-24 17:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2012-07-04 22:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2012-07-03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-06-02 05:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2012-06-02 05:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2012-06-02 05:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2012-05-05 08:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2012-04-07 12:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2012-03-30 20:17:23 | 000,116,648 | ---- | M] (Google Inc.) -- C:\Users\Windows\AppData\Local\Google\Update\GoogleUpdate.exe MOD - [2012-03-01 06:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-06-11 01:58:52 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100u.dll MOD - [2011-06-11 01:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll MOD - [2011-06-11 01:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp100.dll MOD - [2011-06-11 01:58:52 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2010-11-20 04:21:40 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 04:21:40 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll MOD - [2010-11-20 04:21:38 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 04:21:38 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 04:21:38 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-20 04:21:36 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 04:21:34 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 04:21:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 04:21:28 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 04:21:26 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 04:21:20 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 04:21:16 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 04:21:16 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 04:21:06 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 04:20:58 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 04:20:50 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 04:20:50 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 04:20:30 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 04:19:54 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mstask.dll MOD - [2010-11-20 04:19:46 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 04:19:24 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 04:18:28 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 04:18:26 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 04:18:24 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 04:18:04 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 04:18:04 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 04:16:52 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 04:08:58 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 04:08:58 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 04:08:52 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 04:08:52 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 03:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-12-25 19:42:38 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012-11-06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-10-22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Programy\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Programy\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programy\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-09-20 13:33:22 | 050,899,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programy\Microsoft Office 2010\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-06-11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-30 21:56:34 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-10-22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:[b]64bit:[/b] - [2012-10-15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:[b]64bit:[/b] - [2012-10-05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:[b]64bit:[/b] - [2012-10-02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:[b]64bit:[/b] - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-09-21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:[b]64bit:[/b] - [2012-09-21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:[b]64bit:[/b] - [2012-09-14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:[b]64bit:[/b] - [2012-06-11 10:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-12-29 13:17:55 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-12-01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol) DRV:[b]64bit:[/b] - [2011-12-01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp) DRV:[b]64bit:[/b] - [2011-11-15 04:50:14 | 000,125,376 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:[b]64bit:[/b] - [2011-07-08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-20 03:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2010-11-20 02:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010-08-12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk) DRV:[b]64bit:[/b] - [2010-02-25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008-07-29 04:47:00 | 001,075,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb) DRV - [2012-01-21 15:38:29 | 000,023,080 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3579618863-3005018423-1962738702-1004\..\SearchScopes,DefaultScope = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "" FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.param.yahoo-fr: "" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.pl/firefox" FF - prefs.js..extensions.enabledAddons: %7Bc50ca3c4-5656-43c2-a061-13e717f73fc8%7D:4.2.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Programy\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\Programy\Java\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programy\Adobe Reader X\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Windows\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Windows\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Windows\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\Programy\Mozilla Firefox\components [2012-12-06 15:16:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2012-12-06 15:16:08 | 000,000,000 | ---D | M] [2012-04-10 10:17:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows\AppData\Roaming\mozilla\Extensions [2012-12-15 12:00:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Windows\AppData\Roaming\mozilla\Firefox\Profiles\ypbnexiu.default\extensions [2012-12-15 12:00:49 | 000,316,317 | ---- | M] () (No name found) -- C:\Users\Windows\AppData\Roaming\mozilla\firefox\profiles\ypbnexiu.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: v9 (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = , CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Windows\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Windows\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Windows\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Enabled) = D:\Programy\Adobe Reader X\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Google Update (Enabled) = C:\Users\Windows\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: StartSearch Video plug-in = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\ CHR - Extension: YouTube = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Users\Windows\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programy\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programy\Java\bin\ssv.dll (Oracle Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] D:\Programy\Microsoft Office 2010\Office14\BCSSync.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AVG_UI] D:\Programy\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3579618863-3005018423-1962738702-1000..\Run: [360Amigo] D:\Programy\360Amigo\360Amigo.exe (360 Amigo) O4 - HKU\S-1-5-21-3579618863-3005018423-1962738702-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:[b]64bit:[/b] - Extra context menu item: Wyślij &do programu OneNote - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Programy\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D268F165-161E-46FD-B7EB-1ECA4DBD1455}: DhcpNameServer = 192.168.1.1 0.0.0.0 O18 - Protocol\Handler\ms-help - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programy\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-12-27 13:30:59 | 000,000,000 | ---D | C] -- C:\_OTL [2012-12-26 19:47:55 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\AVG2013 [2012-12-26 19:47:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2012-12-26 19:46:48 | 000,000,000 | -H-D | C] -- C:\$AVG [2012-12-26 19:46:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2012-12-26 18:22:12 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\Avg2013 [2012-12-26 18:04:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe [2012-12-26 13:51:34 | 000,000,000 | ---D | C] -- C:\Users\Windows\Documents\FLiNGTrainer [2012-12-25 20:03:27 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\PunkBuster [2012-12-25 20:02:04 | 000,000,000 | ---D | C] -- C:\Users\Windows\Documents\Ubisoft [2012-12-25 19:27:56 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\Ubisoft [2012-12-19 18:28:45 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\Ubisoft Game Launcher [2012-12-19 18:25:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2012-12-17 20:09:43 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\SniperV2 [2012-12-17 20:09:09 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\SKIDROW [2012-12-17 16:25:55 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012-12-09 15:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2012-11-28 20:48:21 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\TuneUp Software [2012-11-28 20:46:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012-11-28 20:46:35 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Local\MFAData [2012-11-28 20:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012-11-27 16:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012-11-26 15:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoKMS [2012-11-25 17:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2012-11-25 17:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012-11-25 17:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012-11-25 17:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012-11-25 17:21:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012-11-25 17:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2012-11-25 17:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012-11-25 17:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012-11-25 17:16:35 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW [2012-11-25 17:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012-11-25 17:16:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012-11-25 17:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012-11-25 14:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache [2012-11-24 20:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LiveVDO plugin [2012-11-19 16:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-11-16 21:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink [2012-11-16 21:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft [2012-11-09 19:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader [2012-11-09 19:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader [2012-11-03 11:28:46 | 000,000,000 | ---D | C] -- C:\Users\Windows\AppData\Roaming\DMCache [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-12-27 13:40:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-12-27 13:39:08 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-12-27 13:39:08 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-12-27 13:37:19 | 000,550,017 | ---- | M] () -- C:\Users\Windows\Desktop\adwcleaner.exe [2012-12-26 20:27:39 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-12-26 20:27:39 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-12-26 18:35:38 | 001,662,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-12-26 18:35:38 | 000,737,730 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-12-26 18:35:38 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-12-26 18:35:38 | 000,154,418 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-12-26 18:35:38 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-12-26 18:04:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Windows\Desktop\OTL.exe [2012-12-26 15:29:51 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-12-26 13:51:13 | 000,558,252 | ---- | M] () -- C:\Users\Windows\Desktop\Ghost Recon Future Soldier - trainer+12.rar [2012-12-25 20:01:55 | 000,000,665 | ---- | M] () -- C:\Users\Windows\Desktop\Future Soldier — skrót.lnk [2012-12-25 19:42:38 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-12-22 15:42:47 | 006,874,007 | ---- | M] () -- C:\Users\Windows\Desktop\Jingle Bells - Official 2012_2013 Techno Remix -.mp3 [2012-12-22 15:41:04 | 000,056,832 | ---- | M] () -- C:\Users\Windows\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-12-22 11:04:26 | 000,417,696 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-12-19 19:08:41 | 010,655,755 | ---- | M] () -- C:\Users\Windows\Desktop\Taio Cruz-Fast car (8 Barz Remix).mp3 [2012-12-19 18:57:00 | 006,497,437 | ---- | M] () -- C:\Users\Windows\Desktop\Michael Mind Project Feat. Dante Thomas - Nothing Lasts Forever (Radio Edit) (CDQ) ( 2o12 ).mp3 [2012-12-12 19:38:37 | 003,242,944 | ---- | M] () -- C:\Users\Windows\Desktop\DJ Antoine vs Mad Mark-Broadway (Da Brozz Remix).mp3 [2012-12-11 16:16:33 | 006,945,181 | ---- | M] () -- C:\Users\Windows\Desktop\Let's Go Project - Yeke Yeke ( Kuba S & Fisher Remix ).mp3 [2012-12-11 16:06:07 | 008,560,768 | ---- | M] () -- C:\Users\Windows\Desktop\Kalwi & Remi feat. Nadia Gattas - Africa (Radio Edit) (www.djoles.pl).mp3 [2012-12-11 16:04:27 | 005,601,181 | ---- | M] () -- C:\Users\Windows\Desktop\Tacabro - ASI ASI (Original Mix) HD.mp3 [2012-12-02 20:26:58 | 007,803,504 | ---- | M] () -- C:\Users\Windows\Desktop\Avicii-Last Dance.mp3 [2012-12-02 20:24:54 | 008,613,137 | ---- | M] () -- C:\Users\Windows\Desktop\Cascada-The rhythm of the night (Cardinal Edit).mp3 [2012-12-02 20:22:23 | 007,490,971 | ---- | M] () -- C:\Users\Windows\Desktop\Glamrock Brothers-Push the feeling on 2k12.mp3 [2012-12-02 20:20:45 | 007,551,627 | ---- | M] () -- C:\Users\Windows\Desktop\Tiesto ft. Allure-Pair of dice.mp3 [2012-12-01 16:08:49 | 008,403,068 | ---- | M] () -- C:\Users\Windows\Desktop\GrooveBusterz ft. Slayback-U&I.mp3 [2012-11-28 20:41:44 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2012-11-27 19:39:18 | 006,855,660 | ---- | M] () -- C:\Users\Windows\Desktop\Remady & Manu-Higher ground.mp3 [2012-11-23 16:31:30 | 000,007,597 | ---- | M] () -- C:\Users\Windows\AppData\Local\Resmon.ResmonCfg [2012-11-17 12:30:06 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib [2012-11-16 21:08:00 | 000,000,391 | ---- | M] () -- C:\Users\Windows\AppData\Roaming\burnaware.ini [2012-11-09 20:07:18 | 003,338,325 | ---- | M] () -- C:\Users\Windows\Desktop\Darius & Finlay ft. Carlprit-Do it all night.mp3 [2012-11-09 20:05:21 | 007,951,476 | ---- | M] () -- C:\Users\Windows\Desktop\Danceboy vs. Cary August-Drive by (Thomas Remix).mp3 [2012-11-09 19:54:59 | 008,193,181 | ---- | M] () -- C:\Users\Windows\Desktop\Daisy Hicks-Electric love.mp3 [2012-11-09 19:46:14 | 008,050,385 | ---- | M] () -- C:\Users\Windows\Desktop\Manuel Lauren-DJ Aflame.mp3 [2012-11-09 19:43:42 | 003,278,264 | ---- | M] () -- C:\Users\Windows\Desktop\Heads Will Roll-Yeah 3X (A-Trak Remix).mp3 [2012-11-09 19:36:17 | 008,070,877 | ---- | M] () -- C:\Users\Windows\Desktop\Remady & Manu ft. Amanda Wilson-Doing it right.mp3 [2012-11-09 19:27:43 | 009,412,233 | ---- | M] () -- C:\Users\Windows\Desktop\Carlprit-Fiesta (Michael Mind Project Edit).mp3 [2012-11-09 19:24:27 | 008,252,987 | ---- | M] () -- C:\Users\Windows\Desktop\Alexandra Shine-Play that game (Stephan F Remix).mp3 [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-12-27 13:37:18 | 000,550,017 | ---- | C] () -- C:\Users\Windows\Desktop\adwcleaner.exe [2012-12-26 13:51:12 | 000,558,252 | ---- | C] () -- C:\Users\Windows\Desktop\Ghost Recon Future Soldier - trainer+12.rar [2012-12-25 20:03:32 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-12-25 20:01:55 | 000,000,665 | ---- | C] () -- C:\Users\Windows\Desktop\Future Soldier — skrót.lnk [2012-12-25 19:19:11 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-12-25 19:19:11 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-12-25 19:19:09 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012-12-22 15:42:27 | 006,874,007 | ---- | C] () -- C:\Users\Windows\Desktop\Jingle Bells - Official 2012_2013 Techno Remix -.mp3 [2012-12-19 19:08:09 | 010,655,755 | ---- | C] () -- C:\Users\Windows\Desktop\Taio Cruz-Fast car (8 Barz Remix).mp3 [2012-12-19 18:56:45 | 006,497,437 | ---- | C] () -- C:\Users\Windows\Desktop\Michael Mind Project Feat. Dante Thomas - Nothing Lasts Forever (Radio Edit) (CDQ) ( 2o12 ).mp3 [2012-12-12 19:38:36 | 003,242,944 | ---- | C] () -- C:\Users\Windows\Desktop\DJ Antoine vs Mad Mark-Broadway (Da Brozz Remix).mp3 [2012-12-11 16:16:19 | 006,945,181 | ---- | C] () -- C:\Users\Windows\Desktop\Let's Go Project - Yeke Yeke ( Kuba S & Fisher Remix ).mp3 [2012-12-11 16:06:02 | 008,560,768 | ---- | C] () -- C:\Users\Windows\Desktop\Kalwi & Remi feat. Nadia Gattas - Africa (Radio Edit) (www.djoles.pl).mp3 [2012-12-11 16:04:15 | 005,601,181 | ---- | C] () -- C:\Users\Windows\Desktop\Tacabro - ASI ASI (Original Mix) HD.mp3 [2012-12-02 20:26:58 | 007,803,504 | ---- | C] () -- C:\Users\Windows\Desktop\Avicii-Last Dance.mp3 [2012-12-02 20:24:53 | 008,613,137 | ---- | C] () -- C:\Users\Windows\Desktop\Cascada-The rhythm of the night (Cardinal Edit).mp3 [2012-12-02 20:22:23 | 007,490,971 | ---- | C] () -- C:\Users\Windows\Desktop\Glamrock Brothers-Push the feeling on 2k12.mp3 [2012-12-02 20:20:38 | 007,551,627 | ---- | C] () -- C:\Users\Windows\Desktop\Tiesto ft. Allure-Pair of dice.mp3 [2012-12-01 16:08:38 | 008,403,068 | ---- | C] () -- C:\Users\Windows\Desktop\GrooveBusterz ft. Slayback-U&I.mp3 [2012-11-27 19:39:06 | 006,855,660 | ---- | C] () -- C:\Users\Windows\Desktop\Remady & Manu-Higher ground.mp3 [2012-11-23 16:31:30 | 000,007,597 | ---- | C] () -- C:\Users\Windows\AppData\Local\Resmon.ResmonCfg [2012-11-17 11:50:19 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012-11-17 11:33:01 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012-11-16 21:35:04 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2012-11-09 20:07:18 | 003,338,325 | ---- | C] () -- C:\Users\Windows\Desktop\Darius & Finlay ft. Carlprit-Do it all night.mp3 [2012-11-09 20:05:20 | 007,951,476 | ---- | C] () -- C:\Users\Windows\Desktop\Danceboy vs. Cary August-Drive by (Thomas Remix).mp3 [2012-11-09 19:54:41 | 008,193,181 | ---- | C] () -- C:\Users\Windows\Desktop\Daisy Hicks-Electric love.mp3 [2012-11-09 19:46:13 | 008,050,385 | ---- | C] () -- C:\Users\Windows\Desktop\Manuel Lauren-DJ Aflame.mp3 [2012-11-09 19:43:15 | 003,278,264 | ---- | C] () -- C:\Users\Windows\Desktop\Heads Will Roll-Yeah 3X (A-Trak Remix).mp3 [2012-11-09 19:36:15 | 008,070,877 | ---- | C] () -- C:\Users\Windows\Desktop\Remady & Manu ft. Amanda Wilson-Doing it right.mp3 [2012-11-09 19:27:42 | 009,412,233 | ---- | C] () -- C:\Users\Windows\Desktop\Carlprit-Fiesta (Michael Mind Project Edit).mp3 [2012-11-09 19:24:20 | 008,252,987 | ---- | C] () -- C:\Users\Windows\Desktop\Alexandra Shine-Play that game (Stephan F Remix).mp3 [2012-08-14 15:04:18 | 000,000,391 | ---- | C] () -- C:\Users\Windows\AppData\Roaming\burnaware.ini [2012-07-27 10:13:54 | 000,001,758 | ---- | C] () -- C:\Users\Windows\AppData\Local\recently-used.xbel [2012-07-01 10:51:01 | 000,000,001 | ---- | C] () -- C:\Users\Windows\AppData\Local\llftool.4.12.agreement [2012-06-21 09:37:14 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012-01-30 21:56:59 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2012-01-29 19:10:49 | 000,001,749 | ---- | C] () -- C:\Users\Windows\AppData\Roaming\System Monitor II_CPU0_Settings.ini [2012-01-29 11:13:12 | 000,056,832 | ---- | C] () -- C:\Users\Windows\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-12-29 13:04:08 | 001,637,758 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-12-28 22:35:01 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012-12-09 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software [2012-12-09 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software [2012-12-17 16:18:32 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\AIMP3 [2012-02-07 19:13:57 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\AnvSoft [2012-12-26 19:47:55 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\AVG2013 [2012-12-25 18:47:04 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Azureus [2012-05-14 19:36:44 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Canneverbe Limited [2012-01-14 13:36:49 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\ChomikBox [2012-02-11 10:53:16 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\DAEMON Tools Lite [2012-11-03 11:36:51 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\DMCache [2012-08-14 15:00:58 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\DVDVideoSoft [2011-12-29 17:57:22 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Gadu-Gadu 10 [2012-05-06 15:49:01 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\gtk-2.0 [2012-01-05 20:00:07 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\IObit [2012-02-18 15:07:34 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\ipla [2012-09-28 18:20:16 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Nokia [2012-10-24 16:15:40 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Notepad++ [2012-09-14 12:52:21 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Origin [2012-09-28 18:20:19 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\PC Suite [2012-02-11 16:01:56 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Samsung [2012-01-04 17:06:57 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Software Informer [2012-11-28 20:48:21 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\TuneUp Software [2012-12-25 19:27:56 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Ubisoft [2012-08-31 18:00:14 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\Unity [2012-03-14 20:20:13 | 000,000,000 | ---D | M] -- C:\Users\Windows\AppData\Roaming\wargaming.net [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2012-12-27 13:38:48 | 000,004,866 | ---- | M] () -- C:\AdwCleaner[S1].txt [2011-12-28 22:38:21 | 000,000,086 | ---- | M] () -- C:\CSB.LOG [2012-12-27 13:40:12 | 2147,016,704 | -HS- | M] () -- C:\pagefile.sys [2011-12-28 22:36:11 | 000,001,705 | ---- | M] () -- C:\RHDSetup.log [2011-12-28 22:41:32 | 000,000,159 | ---- | M] () -- C:\Setup.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 01:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2012-08-22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys [2012-08-22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys [2010-11-20 05:33:46 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe < End of report >[/log] Extras.txt [log]OTL Extras logfile created on: 2012-12-27 13:43:56 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Windows\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,48% Memory free 4,00 Gb Paging File | 2,80 Gb Available in Paging File | 69,93% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34,86 Gb Total Space | 6,56 Gb Free Space | 18,81% Space Free | Partition Type: NTFS Drive D: | 39,57 Gb Total Space | 12,70 Gb Free Space | 32,09% Space Free | Partition Type: NTFS Computer Name: WIN-KOMPUTER | User Name: Windows | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "D:\Programy\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "D:\Programy\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [Browse with &IrfanView] -- "D:\Programy\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1B58B30D-AE43-47E4-920C-AF73250BA60B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{485345C1-E635-4F61-B35F-B1F91063A5E0}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{4D8B0E83-07D7-4D5C-A41B-3700324EA3D4}" = lport=2869 | protocol=6 | dir=in | app=system | "{7673180C-EC1C-4649-A6E8-43E75511C956}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7E8AFCCD-A52E-451C-A3FF-61020AEF2958}" = lport=445 | protocol=6 | dir=in | app=system | "{86BC8BC8-10B0-4650-AEE0-6A67FC30C051}" = rport=137 | protocol=17 | dir=out | app=system | "{8701CD4E-10E7-4669-B5E7-2D7E8403E197}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{873529DB-A158-4AA8-88A1-5CD8AF50CE5D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{89F6E98A-2EDF-4061-887F-035BCA7B6F36}" = lport=10243 | protocol=6 | dir=in | app=system | "{93DE1E68-272F-4E19-AEF5-3D14483DA7AE}" = lport=139 | protocol=6 | dir=in | app=system | "{968E8DAE-40FE-4D28-ADFC-E58F43A86BBA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{993866C3-8E14-4A36-834E-3345AB6548BB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9C5934D9-CEF0-4155-9B51-E0F94FBF85A3}" = lport=137 | protocol=17 | dir=in | app=system | "{B4556A28-3F30-4A31-B3C5-436E5C44FB54}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{BA927290-31FE-4417-BCA1-378A08B38949}" = lport=138 | protocol=17 | dir=in | app=system | "{C43D4073-6AED-4AD3-A9EC-63303CCE37A2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C4E4091D-0BDD-40C5-BD7D-609DCA864EEC}" = rport=138 | protocol=17 | dir=out | app=system | "{C5818950-8738-47C1-8A79-4F545EAD13CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DE8D8188-2584-40B3-AB95-EBA45CE5199A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E4B1A8BC-B654-4F1F-BA44-6B3CBBE23522}" = rport=445 | protocol=6 | dir=out | app=system | "{E69321B8-8608-4CDB-A2D4-A4478ECDE5AE}" = rport=10243 | protocol=6 | dir=out | app=system | "{F26AE1E7-E419-4204-81A6-6F4749987B1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F406CC56-3001-411A-B971-2204BB786619}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F5EAA343-3439-4C70-A27A-2ED93B8007FA}" = lport=6004 | protocol=17 | dir=in | app=d:\programy\microsoft office 2010\office14\outlook.exe | "{FA97726E-4BC4-4F64-81F2-8BDFB96CA564}" = rport=139 | protocol=6 | dir=out | app=system | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05EEAE13-FE0C-4D80-8ECF-D51B4FC92502}" = protocol=17 | dir=in | app=d:\programy\microsoft office 2010\office14\groove.exe | "{0EFC5BA5-B7F2-47DD-8500-2721D2C6F7DF}" = protocol=17 | dir=in | app=d:\programy\dirt3\dirt3_game.exe | "{1153C67F-B618-4A59-829C-7C51B8DEB317}" = dir=in | app=d:\programy\farming simulator 2013\farmingsimulator2013.exe | "{12D6AFA4-7E9D-42E8-8455-85A798ACFC2E}" = protocol=6 | dir=in | app=d:\programy\tcgrfs\gu.exe | "{15985078-FA8F-48FF-8621-3433BA2A0DCB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{19E8E0CB-0021-490E-A5D5-B39A64D8C0A5}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgemca.exe | "{1CC7AEF0-BEC6-48F3-8DF7-FEE5BEAC78AB}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgnsa.exe | "{22EBC8EC-ABC6-41C5-8151-C8CFD967C54F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{23363D4A-B749-4486-A3B6-456AC958A29C}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgemca.exe | "{26317EF4-07A8-4283-B9A3-76EF034B9A11}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2932CEB0-4ADD-4329-9372-D1B488D85644}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{29BC1492-E2AA-4DB2-9859-30200F273AF0}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgnsa.exe | "{2B1F9362-630E-4BB1-B009-E465BE34EC92}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{38868B53-3062-430B-A91A-6AC5AD65DD81}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3C3FA538-0C20-4F5E-BEB1-A2C65A5318D9}" = protocol=6 | dir=in | app=d:\programy\microsoft office 2010\office14\onenote.exe | "{3FEC4A37-977B-4747-A66E-20CBF05A8D77}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgdiagex.exe | "{42A01063-C2A8-45A7-A204-FBFB6C759524}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{449BEFB2-A034-49B2-A442-FCC79C7A532E}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgnsa.exe | "{450CE431-02D3-45D1-AAB8-43500554ACA7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{51B57335-E539-46CC-886A-D5DF89C6B3F5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{583FE73C-3111-4618-83F7-1CFC8A94B28D}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgdiagex.exe | "{5B1B37BE-E299-4FBF-B37D-23171481A61A}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgdiagex.exe | "{5C22613D-A343-431F-8CA2-4D56FA7494CF}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{644AB586-B4A2-43CA-A290-C5F69B1120B9}" = protocol=17 | dir=in | app=d:\programy\tcgrfs\gu.exe | "{64B3C067-7FE1-49C5-8E78-3542C7B2D4B7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{69516F2E-EB31-4883-8E60-54BA5BF276D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{6AB0471D-DA85-4AC9-94FB-0611E459DE6F}" = protocol=17 | dir=in | app=d:\programy\avg2013\avgmfapx.exe | "{6E0F7189-FAAF-4E8D-9182-09B350951146}" = dir=in | app=d:\programy\farming simulator 2013\farmingsimulator2013game.exe | "{71BE0437-1B7F-4D66-B49D-57D1EF023DD1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{761603E0-1E37-4311-B1E6-62E8E7A8B367}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgnsa.exe | "{7667657E-3148-4137-938D-DD12E67D7C58}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{7D177032-CC1C-412C-9AB1-8D69FFB7266F}" = protocol=6 | dir=in | app=d:\programy\dirt3\dirt3_game.exe | "{7EF41F8D-377D-440A-B485-8F31DACB6841}" = protocol=17 | dir=in | app=d:\programy\samsung\npsasvr.exe | "{7F2638D6-84F2-46DE-B447-3CC574C451EB}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgmfapx.exe | "{8374DBE9-0851-4F42-9BA0-7068A9B7BCC1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8572029A-7F53-4664-95EC-9C590AC00718}" = protocol=17 | dir=in | app=d:\programy\avg anti-virus\avgemca.exe | "{85C87A1B-F96A-4BE6-9BB4-934605212D5B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{87265B3E-DE3B-49D0-A2AA-0D2DF5D4123C}" = protocol=6 | dir=out | app=system | "{8F31CBBD-2F0C-492C-872F-1E5BE3768C62}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{955ACBB1-6C71-4F2F-8805-5423756E2710}" = protocol=6 | dir=in | app=d:\programy\samsung\npsvsvr.exe | "{97C4E202-792C-4A3E-838C-6601F4715ED0}" = protocol=17 | dir=in | app=d:\programy\microsoft office 2010\office14\onenote.exe | "{9C3F6985-74AA-4BD5-9952-C680C31A4AB9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A172684F-C023-42D3-ABDD-7634853C1EA4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A7BB55E5-7DD5-4537-9402-0DBE025D8ACB}" = protocol=6 | dir=in | app=d:\programy\microsoft office 2010\office14\groove.exe | "{A7FBAF00-CC17-47C2-A9EC-2135A45292D0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AC98D7C2-73A1-457D-8445-AA6DE5A0B743}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B37FF819-4381-4EDB-BC5F-9242ABD5E5F5}" = protocol=17 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "{C0E81159-7BD1-4ACF-8154-C4ACAE12A25D}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgmfapx.exe | "{C26EFA35-8FEA-42EE-AD9E-A4848CBBA22A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D0D14AB8-8AFC-4802-A77D-A098CA4ABC38}" = protocol=6 | dir=in | app=d:\programy\samsung\npsasvr.exe | "{D0E1E5D4-EA34-4C9A-8709-AE4CB8A0C955}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D6B53311-2EE6-47B0-931D-D754CE073533}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgmfapx.exe | "{D6CCAF28-90E6-4F04-A54E-81AC50D2F614}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{D86D1A50-F0F7-4E00-BFE5-D44A62A26C19}" = protocol=6 | dir=in | app=d:\programy\avg2013\avgemca.exe | "{D8D32165-4686-471A-8CE8-CE623F3DB2CF}" = protocol=6 | dir=in | app=d:\programy\avg anti-virus\avgdiagex.exe | "{DF962BA5-18DB-47BE-AE0C-9C524BD86C2E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E38E0CD1-975C-460B-8737-D9F1544FC622}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E3C6F384-369F-4E7F-ADA0-C018D165DC3A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{E8815790-5741-42B9-B360-6209186603FE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{EA8F167C-4450-4426-BD75-B3CFD451146B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{F15C1779-6CE4-416D-82C0-B5022D15A025}" = protocol=6 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "{FD2C91E9-35C1-4A37-B93C-87AAC1CD1DF0}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe | "{FE10876B-B543-434D-9116-BF6F0DBD47C8}" = protocol=17 | dir=in | app=d:\programy\samsung\npsvsvr.exe | "TCP Query User{2FC4CFAE-F671-4058-8976-83D1BE85F194}C:\windows\syswow64\svchost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe | "TCP Query User{59B12F2A-CB70-42D3-9E9C-6420424F4EA3}D:\programy\fifa 13\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=d:\programy\fifa 13\fifa 13\game\fifa13.exe | "TCP Query User{62B34BF1-98F3-4583-9510-DC2363245C14}D:\programy\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | "TCP Query User{8429DAA4-B25F-411C-800B-4BC8EA496869}D:\programy\tcgrfs\future soldier.exe" = protocol=6 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "TCP Query User{B325D97E-DAFD-4B88-92FC-BFAAB242047C}D:\programy\vuze\azureus.exe" = protocol=6 | dir=in | app=d:\programy\vuze\azureus.exe | "TCP Query User{D04C1F2D-F11D-4FF7-8E82-D32100804A45}D:\programy\resident evil\raccooncity.exe" = protocol=6 | dir=in | app=d:\programy\resident evil\raccooncity.exe | "UDP Query User{0333F9CC-946F-4B6F-A38A-A03D4098E8F0}D:\programy\tcgrfs\future soldier.exe" = protocol=17 | dir=in | app=d:\programy\tcgrfs\future soldier.exe | "UDP Query User{0C785F67-782C-4597-B83E-E2896F5EE584}C:\windows\syswow64\svchost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe | "UDP Query User{0D0D2EC5-2EE2-4BD2-B3B8-E5129D32680E}D:\programy\vuze\azureus.exe" = protocol=17 | dir=in | app=d:\programy\vuze\azureus.exe | "UDP Query User{11996270-FA3D-45A7-81B5-C40833829705}D:\programy\fifa 13\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=d:\programy\fifa 13\fifa 13\game\fifa13.exe | "UDP Query User{2B256038-452E-4B67-A91C-09AD3658AC0A}D:\programy\resident evil\raccooncity.exe" = protocol=17 | dir=in | app=d:\programy\resident evil\raccooncity.exe | "UDP Query User{3E78360F-EB52-4A6B-B523-F7649A6FB7E9}D:\programy\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\programy\gadu-gadu 10\gg.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit) "{73105254-4936-47AC-ACDE-08D11D25E3DB}" = AVG 2013 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0015-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0016-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0018-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-0019-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001A-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001B-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-001F-0415-1000-0000000FF1CE}_Office14.PROPLUS_{329A3D98-9583-4B84-B18B-498E7AB65C43}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-002C-0415-1000-0000000FF1CE}_Office14.PROPLUS_{BFEB53FA-3044-47FD-BB50-9DCBBEED79EF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010 "{90140000-0043-0415-1000-0000000FF1CE}_Office14.PROPLUS_{FF5F6090-64DF-4BF6-BADD-71A64FDA70D2}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-0044-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-006E-0415-1000-0000000FF1CE}_Office14.PROPLUS_{3A96ABFF-5202-47B1-B5A2-DDE76563AF61}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00A1-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{90140000-00BA-0415-1000-0000000FF1CE}_Office14.PROPLUS_{E363E2E9-6AE1-4B10-94B6-015819AE201D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{AAD6E537-3EFC-4ECB-825D-C17094DB5076}" = HP Deskjet 2050 J510 series Podstawowe oprogramowanie urządzenia "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B9D80BD8-C6F4-467C-9717-0ABA9684DA29}" = AVG 2013 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "AVG" = AVG 2013 "KLiteCodecPack64_is1" = K-Lite Codec Pack 5.5.0 (64-bit) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution "{6D87CAD9-9B94-4421-A439-B25F8DE14575}" = Tom Clancy's Ghost Recon Future Soldier "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Pomoc "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Polish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox tp "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "360Amigo" = 360 Amigo System Speedup PRO "3643efd4" = Contextual Tool Extrafind "8461-7759-5462-8226" = Vuze "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "AIMP3" = AIMP3 "BurnAware Free_is1" = BurnAware Free 5.1 "DAEMON Tools Lite" = DAEMON Tools Lite "Gadu-Gadu 10" = Gadu-Gadu 10 "IrfanView" = IrfanView (remove only) "LiveVDO" = LiveVDO "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000 "Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl) "Notepad++" = Notepad++ "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PowerISO" = PowerISO "PunkBusterSvc" = PunkBuster Services [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3579618863-3005018423-1962738702-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-12-20 10:26:01 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-20 11:05:11 | Computer Name = Win-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Programy\Nokia Suite\Nokia PC Suite 7\TIS_Windows7PIM.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-12-21 06:51:33 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-21 12:34:17 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-22 07:36:04 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-22 14:01:15 | Computer Name = Win-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: firefox.exe, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b71a4b Nazwa modułu powodującego błąd: xul.dll, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b7198b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00144ed8 Identyfikator procesu powodującego błąd: 0x8c0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cde066b86d8278 Ścieżka aplikacji powodującej błąd: D:\Programy\Mozilla Firefox\firefox.exe Ścieżka modułu powodującego błąd: D:\Programy\Mozilla Firefox\xul.dll Identyfikator raportu: 9347d428-4c61-11e2-83a3-9e0e79b4eb99 Error - 2012-12-24 07:38:26 | Computer Name = Win-Komputer | Source = SideBySide | ID = 16842785 Description = Nie można wygenerować kontekstu aktywacji dla "D:\Programy\Nokia Suite\Nokia PC Suite 7\TIS_Windows7PIM.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error - 2012-12-24 16:16:59 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-25 11:07:03 | Computer Name = Win-Komputer | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 2012-12-25 15:35:50 | Computer Name = Win-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Future Soldier.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fc7852e Nazwa modułu powodującego błąd: Future Soldier.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4fc7852e Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x00444e6a Identyfikator procesu powodującego błąd: 0x4c4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cde2d2800fb324 Ścieżka aplikacji powodującej błąd: D:\Programy\TCGRFS\Future Soldier.exe Ścieżka modułu powodującego błąd: D:\Programy\TCGRFS\Future Soldier.exe Identyfikator raportu: 494bdad4-4eca-11e2-b709-ba4fb73feba5 Error - 2012-12-26 14:38:34 | Computer Name = Win-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: firefox.exe, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b71a4b Nazwa modułu powodującego błąd: xul.dll, wersja: 17.0.1.4715, sygnatura czasowa: 0x50b7198b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00144ed8 Identyfikator procesu powodującego błąd: 0xedc Godzina uruchomienia aplikacji powodującej błąd: 0x01cde39595ea87a0 Ścieżka aplikacji powodującej błąd: D:\Programy\Mozilla Firefox\firefox.exe Ścieżka modułu powodującego błąd: D:\Programy\Mozilla Firefox\xul.dll Identyfikator raportu: 73ec0400-4f8b-11e2-a27f-bb60148493d1 [ System Events ] Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:02 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:03 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error - 2012-07-27 14:40:03 | Computer Name = Win-Komputer | Source = Disk | ID = 262151 Description = W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. < End of report >[/log]
wirusolog komentarz 27 grudnia 2012 komentarz 27 grudnia 2012 Wszystko prawidłowo usunięte i w logach już niczego nie ma. W AdwCleanerze wciśnij przycisk Uninstall a w OTL - Sprzątanie.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.