Vertivadro utworzono 22 sierpnia 2014 utworzono 22 sierpnia 2014 Witam. Mam wiele problemów z Windowsem XP. Otóz komputer jest dość zaniedbany przez ściąganie niepotrzebnych programów i brak antywirusa na komputerze. Opiszę problemy mam nadzieje że pomożecie. 1. Przy starcie komputera ikony i menu start nie uruchamiają się. Trzeba dopiero w menedżeru żadań w nowym zadaniu wpisać "pulpit" i się uruchamia. Przy starcie wyskakuje też błąd że brakuje pliku idlist coś tam wstawie screena zaniedługo 2. Zacinają się gry i wgl komputer. Gdy uruchamiam grę (dokładniej Smite) to nic się nie da zrobić bo straaasznie się tnie. Nie mogę u siebie na komputerze sprawdzić czy to wina gry czy czegoś bo mam w naprawie (to jest komputer sąsiada o którym piszę) 3. Przy ściąganiu jakiegoś pliku (próbowałem głównie .exe bo chciałem antywirusa ściągnąć) wyskakuje błąd i resetuje się komputer (nie wiem jaki błąd bo zaraz się resetuje) 4. Jest dużo procesów dziwnych i niepotrzebnych w menedzerze uruchomionych być może to spowalnia komputer NIe mogę wstawić logi bo nie mam programów żadnych tu. Myśle że jest to spowodowane brakiem antywirusa. Da się zauważyć w menedzerze zadan (raz mi tak się pojawiło i zaraz znikło) coś Bron tok czy jakoś tak. mam nadzieje że pomożecie. Pozdrawiam Vertivadro P.S jeśli jest temat na forum to przepraszam mam tu wolny internet a jeszcze zacinanie się komputera denerwuje
pawel315 komentarz 22 sierpnia 2014 komentarz 22 sierpnia 2014 Czyli nie możesz pobrać programu do utworzenia logów ? ( OTL/ FRST ? ) → http://www.forumpc.pl/topic/277786-nieingerencyjne-narz%C4%99dzia-do-tworzenia-log%C3%B3w-systemowych/ To narmalne dla Brontok'a
Vertivadro komentarz 22 sierpnia 2014 Autor komentarz 22 sierpnia 2014 (edytowane) udało się ściągnąć lecz komp i tak zaliczył restart
pawel315 komentarz 22 sierpnia 2014 komentarz 22 sierpnia 2014 Możesz wejść w tryb awaryjny ? ( F8 przed startem systemu )
pawel315 komentarz 22 sierpnia 2014 komentarz 22 sierpnia 2014 To w tym trybie spróbuj wykonać logi programem FRST lub/i OTL
Vertivadro komentarz 22 sierpnia 2014 Autor komentarz 22 sierpnia 2014 Ok zrobione. Plik OTL.txt [spoiler]OTL logfile created on: 2014-08-22 15:57:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\ADMIN\Moje dokumenty\Pobrane Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 88,13% Memory free 4,84 Gb Paging File | 4,72 Gb Available in Paging File | 97,53% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 34,95 Gb Free Space | 35,79% Space Free | Partition Type: NTFS Drive E: | 368,10 Gb Total Space | 32,18 Gb Free Space | 8,74% Space Free | Partition Type: NTFS Computer Name: ADMIN | User Name: ADMIN | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days========== Processes (SafeList) ========== PRC - [2014-08-22 15:32:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Moje dokumenty\Pobrane\OTL.exe PRC - [2009-07-16 23:33:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-10-25 11:32:36 | 000,036,864 | RHS- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\EXPLORER.EXE========== Modules (No Company Name) ========== MOD - [2014-05-19 15:44:06 | 000,489,984 | ---- | M] () -- C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL========== Services (SafeList) ========== SRV - [2014-08-06 13:44:58 | 000,977,184 | ---- | M] (Overwolf LTD) [On_Demand | Stopped] -- C:\Program Files\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdater) SRV - [2014-08-06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9) SRV - [2014-07-30 18:14:10 | 000,114,368 | ---- | M] (Mobogenie.com) [Auto | Stopped] -- C:\Program Files\Mobogenie3\MobogenieService.exe -- (MobogenieService) SRV - [2014-07-30 08:56:14 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-07-22 15:46:52 | 000,105,664 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Mobogenie\MgAssist.exe -- (MgAssistService) SRV - [2014-07-22 09:47:56 | 001,812,992 | ---- | M] (ShopperPro) [Auto | Stopped] -- C:\Program Files\Common Files\ShopperPro\spbiu.exe -- (SPBIUpd) SRV - [2014-07-18 14:13:22 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- C:\Program Files\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService) SRV - [2014-06-12 08:53:30 | 000,761,968 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\IePluginServices\PluginService.exe -- (IePluginServices) SRV - [2014-06-11 07:50:12 | 000,540,304 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe -- (Wpm) SRV - [2014-05-29 15:45:12 | 000,068,608 | ---- | M] (globalUpdate) [On_Demand | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdatem) SRV - [2014-05-29 15:45:12 | 000,068,608 | ---- | M] (globalUpdate) [Auto | Stopped] -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe -- (globalUpdate) SRV - [2014-05-19 15:43:54 | 003,544,064 | ---- | M] (Bandoo Media Inc.) [Auto | Stopped] -- C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator) SRV - [2014-04-30 11:24:02 | 000,143,872 | ---- | M] () [Auto | Stopped] -- C:\Program Files\BlockAndSurf-soft\BlockAndSurfKF161.exe -- (BlockAndSurf) SRV - [2014-03-14 16:17:00 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack) SRV - [2013-10-23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013-05-29 17:10:34 | 001,281,568 | ---- | M] (SPAMfighter ApS) [Auto | Stopped] -- C:\Program Files\Fighters\FighterSuiteService.exe -- (Suite Service) SRV - [2013-05-17 02:01:12 | 000,264,192 | ---- | M] (SPAMfighter ApS) [On_Demand | Stopped] -- C:\Program Files\Common Files\Common Toolkit Suite\Tools\CommonToolkit2.exe -- (Common Toolkit 2) SRV - [2013-03-12 23:27:25 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2011-03-16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-03-18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2008-06-20 13:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcnmea.sys -- (zgdcnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcnet.sys -- (zgdcnet) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcmdm.sys -- (zgdcmdm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcdiag.sys -- (zgdcdiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcat.sys -- (zgdcat) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ZDPSp50.sys -- (ZDPSp50) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ZDCndis5.SYS -- (ZDCndis5) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_lte.sys -- (massfilter_lte) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\ADMIN\USTAWI~1\Temp\5689.sys -- (5689) DRV - [2014-07-22 17:07:09 | 000,377,648 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2014-07-22 09:47:10 | 000,025,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\ShopperPro\spbiw.sys -- (SPBIUpdd) DRV - [2014-05-27 21:45:07 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2014-05-23 19:32:23 | 000,320,120 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2014-05-22 09:12:42 | 000,029,160 | ---- | M] (YTDownloader) [Kernel | System | Stopped] -- C:\Program Files\YTDownloader\sbmntr.sys -- (sbmntr) DRV - [2014-05-19 15:43:55 | 000,031,096 | ---- | M] (Bandoo Media Inc.) [Kernel | System | Stopped] -- C:\Program Files\Movies Toolbar\Datamngr\setmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A9119622) DRV - [2014-05-18 11:50:32 | 000,031,120 | ---- | M] (Aztec Media Inc) [Kernel | System | Stopped] -- C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A91196222) DRV - [2013-01-22 20:17:03 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) DRV - [2012-01-24 03:42:02 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2010-06-22 00:07:39 | 000,091,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2010-04-30 10:56:24 | 006,032,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2010-04-08 20:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2010-03-04 12:02:10 | 000,013,824 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2010-03-04 12:02:08 | 000,070,912 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2009-11-18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-07-16 23:33:00 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2009-07-16 23:33:00 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531) DRV - [2009-07-16 23:33:00 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2009-07-16 23:33:00 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus) DRV - [2009-07-16 23:33:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2009-07-16 23:33:00 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132) DRV - [2009-07-16 23:33:00 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124) DRV - [2009-07-16 23:33:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2009-07-16 23:33:00 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2009-07-16 23:33:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2009-02-10 18:23:02 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Stopped] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2007-04-16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM) DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 11:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) DRV - [2006-11-10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2006-01-19 18:33:26 | 000,402,432 | R--- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WlanBZXP.sys -- (SG762_XP) DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)========== Standard Registry (SafeList) ==================== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402672474&from=wpm0612&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com/web/?type=ds&ts=1398804677&from=smt&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com/web/?type=ds&ts=1398804677&from=smt&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/ IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.qone8.com/web/?type=ds&ts=1398804677&from=smt&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ&q={searchTerms} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?sid=476&aid=132&itype=a&ver=12692&tm=323&src=ds&p={searchTerms} IE - HKLM\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^pl&si=pconverter&ptb=1E952530-F46C-41F5-BDB1-F971D6EA86C7&ind=2013071215&n=77fd076f&psa=&st=sb&searchfor={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402672474&from=wpm0612&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1402672474&from=wpm0612&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1402672474&from=wpm0612&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.gboxapp.com/http:// [Binary data over 200 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://pl.msn.com/?pc=UP97&ocid=UP97DHP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://pl.msn.com/?pc=UP97&ocid=UP97DHP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl-pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll () IE - HKCU\..\URLSearchHook: {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll () IE - HKCU\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKCU\..\SearchScopes\{1BEF9146-1A72-4747-A8FD-67D5CDFDBB07}: "URL" = http://www.mysearchresults.com/search?c=3519&t=01&q={searchTerms} IE - HKCU\..\SearchScopes\{1D147D3E-AB87-4FB2-B736-F3B96D588DC7}: "URL" = http://www.qone8.com/web/?type=ds&ts=1398804677&from=smt&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ&q={searchTerms} IE - HKCU\..\SearchScopes\{277200A6-1D51-49BD-8BBD-360E67AA651E}: "URL" = http://start.funmoods.com/results.php?f=4&a=mca&q={searchTerms} IE - HKCU\..\SearchScopes\{2E7FC657-34F0-4A8A-B4D4-640B3885E355}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ASV5&o=101719&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=AL&apn_dtid=YYYYYYYYPL&apn_uid=A473A6A8-3728-46F1-B005-DD8EF67B38F5&apn_sauid=9152FC29-645F-4644-8F0D-6AB8C6B1AE45 IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{69839FDA-8FD5-4B34-80E2-1491D215C53F}: "URL" = http://search.softonic.com/MON00084/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=671 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFA_pl IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=&systemid=&v=-&apn_uid=&apn_dtid=BND&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=406&v=n12712-367&apn_uid=3975357032804421&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}: "URL" = http://www.default-search.net/search?sid=476&aid=132&itype=a&ver=12692&tm=323&src=ds&p={searchTerms} IE - HKCU\..\SearchScopes\{9EF63D39-6369-4972-88C9-A9946EDAD79D}: "URL" = http://search.igeared.com/dispatcher.aspx?i=63&tp=chrome&q={searchTerms} IE - HKCU\..\SearchScopes\{C5E91951-7C4A-4c33-B943-3374EA2FC504}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM IE - HKCU\..\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^HJ^xdm073^YY^pl&si=pconverter&ptb=1E952530-F46C-41F5-BDB1-F971D6EA86C7&ind=2013071215&n=77fd076f&psa=&st=sb&searchfor={searchTerms} IE - HKCU\..\SearchScopes\{F6CA0988-C10F-4629-B725-304BEDB99213}: "URL" = http://search.delta-homes.com/web/?type=ds&ts=1402672474&from=wpm0612&uid=ST3500418AS_9VMSMZWJXXXX9VMSMZWJ&q={searchTerms} IE - HKCU\..\SearchScopes\02A15CDCE569463E8FFE8C95B7692B2B: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0========== FireFox ========== FF - prefs.js..extensions.enabledAddons: 143f44cf-d99c-4e45-8cd9-ef929de77aa8%40bdbf6038-0097-480c-8d8e-fc48e28131a8.com:0.95.74 FF - prefs.js..extensions.enabledAddons: 39ed7c16-185d-4f88-b976-666d4928ba01%40fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com:0.95.131 FF - prefs.js..extensions.enabledAddons: 9321b276-2c2e-4c5f-bd04-b8118e512707%40c0c8a2d6-3275-4cac-a0b2-52e936311db9.com:0.95.214 FF - prefs.js..extensions.enabledAddons: a54e453c-130a-4769-9333-c5ec2aa914c5%409bd7cc89-9c7c-44e9-a03b-042b92d363f0.com:0.95.84 FF - prefs.js..extensions.enabledAddons: faststartff%40gmail.com:4.3.0 FF - prefs.js..extensions.enabledAddons: shortcutff%40gmail.com:1.6.0 FF - prefs.js..extensions.enabledAddons: %7B746505DC-0E21-4667-97F8-72EA6BCF5EEF%7D:1.0.0.4 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameEU.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\ADMIN\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2013-02-10 14:46:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2013-02-10 14:46:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\SpeedUp@igeared: C:\Program Files\SpeedUpToolbar\Firefox\SpeedUp@igeared [2012-02-01 14:57:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha4736.net: C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha4736\ff [2013-12-27 15:29:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta14.net: C:\Program Files\VideoPlayerV3\VideoPlayerV3beta14\ff [2014-01-10 20:02:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quick_start@gmail.com: C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\quick_start@gmail.com [2014-05-31 01:32:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\faststartff@gmail.com: C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\faststartff@gmail.com [2014-07-11 18:14:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\shortcutff@gmail.com: C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\shortcutff@gmail.com [2014-07-28 20:20:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-07-30 08:55:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dde15e35-c9b3-4c30-b055-730c5f4a45d3}: C:\Program Files\Lyrmix\133.xpi [2011-03-20 13:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Extensions [2014-08-19 12:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions [2014-06-03 22:44:54 | 000,000,000 | ---D | M] (Movies Toolbar (Dist. by Bandoo Media, Inc.)) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\{2977d8cc-8902-4340-be88-2c676bf96b8d} [2014-05-27 22:41:47 | 000,000,000 | ---D | M] (Shopper-Pro) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-06-03 22:44:31 | 000,000,000 | ---D | M] (Ask New Tabs) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\{CA32D3EC-15C8-DDAC-3280-BA6A760926AD} [2014-07-11 18:14:26 | 000,000,000 | ---D | M] ("Sense") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-07-14 13:04:42 | 000,000,000 | ---D | M] ("Apps Hat") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-07-11 18:14:18 | 000,000,000 | ---D | M] ("Object Browser") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com [2014-07-10 16:08:45 | 000,000,000 | ---D | M] ("Plus-HD-9.1") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com [2014-05-23 00:19:58 | 000,000,000 | ---D | M] (CheapMe) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\bemim8o0gv@uiudjbph.org [2014-05-19 19:54:26 | 000,000,000 | ---D | M] (DealstEr) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\cmoc_4pz2@eaauiy.com [2014-05-21 15:31:39 | 000,000,000 | ---D | M] (BestSSaveForYou) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\eaui@vhyhb.co.uk [2014-02-01 22:00:39 | 000,000,000 | ---D | M] (TubeItAdBlockAp) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\eeoi90x4@yayu.edu [2014-02-02 00:15:48 | 000,000,000 | ---D | M] (UTubeAdBloCk) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\ejwkib@wabyoeo.com [2014-07-11 18:14:15 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\faststartff@gmail.com [2014-08-04 09:12:57 | 000,000,000 | ---D | M] (ReigulaRDeals) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\kdf_6yyya@jsrxjzaoua.org [2014-07-03 02:26:26 | 000,000,000 | ---D | M] (FunDeaals) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\p4yqhqmg.aiia@yyoooylr.co.uk [2014-05-31 01:32:25 | 000,000,000 | ---D | M] ("Quick Start") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\quick_start@gmail.com [2014-06-11 23:01:18 | 000,000,000 | ---D | M] (JoniCoUppon) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\s.bhxf@flphsvo.co.uk [2014-07-28 20:20:39 | 000,000,000 | ---D | M] ("shortcut") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\shortcutff@gmail.com [2014-07-05 01:39:24 | 000,000,000 | ---D | M] ("Site Matcher") -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\sitematchersitesrc@sitematchersitesrc.com [2014-02-28 11:58:17 | 000,000,000 | ---D | M] (FuenDeals) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\yindgneq@iuiua.edu [2014-08-14 21:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com\extensionData [2014-08-14 21:18:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com\extensionData\plugins [2014-08-14 21:18:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com\extensionData\userCode [2014-08-14 21:18:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData [2014-08-14 21:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins [2014-08-14 21:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\userCode [2014-08-06 21:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData [2014-08-06 21:15:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins [2014-08-06 21:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\userCode [2014-08-19 11:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData [2014-08-19 11:54:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins [2014-08-19 11:54:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\userCode [2014-07-05 01:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profilesc0jg1djd.default\extensions [2014-07-05 01:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profilesc0jg1djd.default\extensions\staged [2014-01-09 04:55:34 | 000,002,842 | ---- | M] () (No name found) -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2014-06-03 22:44:42 | 000,002,660 | ---- | M] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\searchplugins\Ask.xml [2014-08-06 08:53:14 | 000,006,057 | ---- | M] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\searchplugins\bingp.xml [2014-05-19 15:17:32 | 000,002,579 | ---- | M] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\Mozilla\Firefox\Profiles\c0jg1djd.default\searchplugins\default-search.xml [2014-07-30 08:55:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-07-30 08:56:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014-07-30 08:55:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated(2)\extensions(2) [2014-07-30 08:55:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated(2)\extensions(2)\{972ce4c6-7e08-4474-a285-3208198ce6fd}(2) [2011-10-03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll========== Chrome ========== CHR - default_search_provider: Ask.com (Enabled) CHR - default_search_provider: search_url = http://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=D0836BE2-E90E-4749-85E3-668E9CB314A4&n=77fdc66f&ind=2013120111&p2=^ZJ^xpt293^YYA^pl&si=begin-download CHR - default_search_provider: suggest_url = http://ssmsp.ask.com/query?q={searchTerms}&li=ff&sstype=prefix, CHR - homepage: http://www.search.ask.com/?o=APN10645A&gct=hp&d=-&v=-&t=4 CHR - Extension: Quick Sidebar = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.1_0\ CHR - Extension: RootsSearch = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aolcffalbhpnojekmimmelebjchjmmgn\142\ CHR - Extension: Wookmark = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\baaofnaeiakbkdgmheeglhmailndkkni\226\ CHR - Extension: DealstEr = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bcocfiakciaeddehnaecpihnmbmalfng\1.7\ CHR - Extension: FuenDeals = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dbpmgpkpcgnjpeeafnhkhmjpimfghobh\2.2\ CHR - Extension: CheapMe = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\djgffejhbejdkfdejbalbcppelcnbjpf\5.1\ CHR - Extension: Webexp Enhanced = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\einedmdcpleagpdkiklcfcfanehofnnl\1.1_1\ CHR - Extension: BestSSaveForYou = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\eoedpfepnhjhoejlckkbfokbodffogmj\2.3\ CHR - Extension: DivX HiQ = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\ CHR - Extension: UTubeAdBloCk = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gancaacpnlefbdmldacjdkilokelmchc\2.2_1\ CHR - Extension: Video Player = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hcmkaaakpccomldjljcfibjjkkfppmjh\1.1_1\ CHR - Extension: Fun Media Bar V10 = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\iokhogohoamdhejdbenjbjkhjmjlggab\10.31.4.510_0\ CHR - Extension: Fun Media Bar V10 = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\iokhogohoamdhejdbenjbjkhjmjlggab\10.31.4.510_0\nativeMessaging\nmHost CHR - Extension: Instair Speed Dial = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kikeacjcceacohckgiajooneiabebfjj\181\ CHR - Extension: Awesome Facebook Widget ANTP = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\klpmobilbpcccgegofocnlfmallakegc\249\ CHR - Extension: BlockAndSurf = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lleebjehfemndnnddeljcileaifndhfj\1.161.0.0_0\ CHR - Extension: Google Wallet = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\ CHR - Extension: Extended Protection = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\3.4.2_0\ CHR - Extension: Widget context = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp\3.0_0\ CHR - Extension: Quick start = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\ CHR - Extension: Quick Sidebar = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.1_0\ CHR - Extension: RootsSearch = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aolcffalbhpnojekmimmelebjchjmmgn\142\ CHR - Extension: Wookmark = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\baaofnaeiakbkdgmheeglhmailndkkni\226\ CHR - Extension: DealstEr = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bcocfiakciaeddehnaecpihnmbmalfng\1.7\ CHR - Extension: FuenDeals = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dbpmgpkpcgnjpeeafnhkhmjpimfghobh\2.2\ CHR - Extension: CheapMe = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\djgffejhbejdkfdejbalbcppelcnbjpf\5.1\ CHR - Extension: Webexp Enhanced = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\einedmdcpleagpdkiklcfcfanehofnnl\1.1_1\ CHR - Extension: BestSSaveForYou = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\eoedpfepnhjhoejlckkbfokbodffogmj\2.3\ CHR - Extension: DivX HiQ = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\ CHR - Extension: UTubeAdBloCk = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gancaacpnlefbdmldacjdkilokelmchc\2.2_1\ CHR - Extension: Video Player = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\hcmkaaakpccomldjljcfibjjkkfppmjh\1.1_1\ CHR - Extension: Fun Media Bar V10 = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\iokhogohoamdhejdbenjbjkhjmjlggab\10.31.4.510_0\ CHR - Extension: Fun Media Bar V10 = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\iokhogohoamdhejdbenjbjkhjmjlggab\10.31.4.510_0\nativeMessaging\nmHost CHR - Extension: Instair Speed Dial = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kikeacjcceacohckgiajooneiabebfjj\181\ CHR - Extension: Awesome Facebook Widget ANTP = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\klpmobilbpcccgegofocnlfmallakegc\249\ CHR - Extension: BlockAndSurf = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lleebjehfemndnnddeljcileaifndhfj\1.161.0.0_0\ CHR - Extension: Google Wallet = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\ CHR - Extension: Extended Protection = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo\3.4.2_0\ CHR - Extension: Widget context = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ombmmloebnfnpehgjnmkcgoegfachobp\3.0_0\ CHR - Extension: Quick start = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\ O1 HOSTS File: ([2013-02-14 07:09:55 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files\Object Browser\Object Browser-bho.dll (Object Browser) O2 - BHO: (Sense) - {11111111-1111-1111-1111-110411821192} - C:\Program Files\Sense\Sense-bho.dll (Object Browser) O2 - BHO: (Plus-HD-9.1) - {11111111-1111-1111-1111-110511291116} - C:\Program Files\Plus-HD-9.1\Plus-HD-9.1-bho.dll (Plus HD) O2 - BHO: (Video Player) - {134098eb-e63b-4cb9-9ba2-c4fc0710c14e} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta14\ie\VideoPlayerV3beta14.dll () O2 - BHO: (FuenDeals) - {277320A0-4AB5-5C86-D814-12F11134D24C} - C:\Documents and Settings\All Users\Dane aplikacji\FuenDeals\PB.dll () O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited) O2 - BHO: (FUnu22SavE) - {4BAA654A-B079-56A7-E820-AF5F21A6C542} - C:\Documents and Settings\All Users\Dane aplikacji\FUnu22SavE\m5KOj1m.dll () O2 - BHO: (ReguLarDealss) - {7846A313-D46E-CC8D-9ABF-C5A6FFD36E26} - C:\Documents and Settings\All Users\Dane aplikacji\ReguLarDealss\1wv.dll () O2 - BHO: (RaNdomPrice) - {9F24D530-5FDE-992E-5553-6E070E5FD7D6} - C:\Documents and Settings\All Users\Dane aplikacji\RaNdomPrice\pfx3UH3k5e.dll () O2 - BHO: (Shopper Pro) - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\Documents and Settings\All Users\Dane aplikacji\ShopperPro\ShopperPro.dll (Goobzo Ltd.) O2 - BHO: (saveitKeep.) - {A899F762-712B-C79B-2826-7B242875A249} - C:\Documents and Settings\All Users\Dane aplikacji\saveitKeep\Ig3F.dll () O2 - BHO: (FFuunDeeals) - {E7F9012B-6970-C3C5-9F49-1AB67E001A62} - C:\Documents and Settings\All Users\Dane aplikacji\FFuunDeeals\_9kk6eWvp8.dll () O2 - BHO: (UTubeAdBloCk) - {FD444CCE-2527-E859-BBB5-849CDE393209} - C:\Documents and Settings\All Users\Dane aplikacji\UTubeAdBloCk\iHH.dll () O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (SpeedUp Toolbar) - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [7F6BDE] C:\WINDOWS\system32\DA2999\7F6BDE.EXE () O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [Bron-Spizaetus] C:\WINDOWS\ShellNew\sempalong.exe () O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [fst_pl_110] File not found O4 - HKLM..\Run: [fst_pl_111] C:\Program Files\fst_pl_111\fst_pl_111.exe () O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA) O4 - HKLM..\Run: [tuto4pc_pl_17] File not found O4 - HKLM..\Run: [tuto4pc_pl_31] File not found O4 - HKLM..\Run: [tuto4pc_pl_32] File not found O4 - HKLM..\Run: [upfst_pl_111.exe] C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\fst_pl_111\upfst_pl_111.exe () O4 - HKLM..\Run: [YTDownloader] C:\Program Files\YTDownloader\YTDownloader.exe (YTDownloader) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe (ChicaLogic, Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O4 - HKCU..\Run: [EXPLORER.EXE] C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O4 - HKCU..\Run: [FDPRO-516] C:\Program Files\Fighters\FighterLauncher.exe (SPAMfighter ApS) O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (PC Utilities Software Limited) O4 - HKCU..\Run: [Overwolf] C:\Program Files\Overwolf\Overwolf.exe (Overwolf LTD) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [RDReminder] C:\Program Files\RegClean Pro\RegCleanPro.exe (Systweak Inc) O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe () O4 - HKCU..\Run: [Tok-Cirrhatus] C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\smss.exe () O4 - HKCU..\Run: [wfirewall] C:\Documents and Settings\ADMIN\Dane aplikacji\wfirewall\alg.exe () O4 - HKCU..\Run: [wsctf.exe] wsctf.exe File not found O4 - HKCU..\Run: [YTDownloader] C:\Program Files\YTDownloader\YTDownloader.exe (YTDownloader) O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\7F6BDE.lnk = C:\WINDOWS\system32\DA2999\7F6BDE.EXE () O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\Curse.lnk = C:\Documents and Settings\ADMIN\Dane aplikacji\Curse Client\Bin\Curse.exe (Curse, Inc) O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\Empty.pif () O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\GameRanger.lnk = C:\Documents and Settings\ADMIN\Dane aplikacji\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies) O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\Unify3DWebPlayerUpdate.lnk = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Unify3D\WebPlayer\Unify3DWebPlayerUpdate.exe () O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\Xfire.lnk = E:\Program Files\Xfire\Xfire.exe (Xfire Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O8 - Extra context menu item: Ściągaj z Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABAB2621-A090-45FE-8DE2-395C2396B745}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\speeduptoolbar {A59E71FA-63AB-4695-B7B0-7B97BAA3CF9E} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - HKLM Winlogon: Shell - ("C:\WINDOWS\eksplorasi.exe") - C:\WINDOWS\eksplorasi.exe () O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browsersafeguard.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\jumpflip: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\snapdo.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\stinst32.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\stinst64.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\umbrella.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\volaro: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\vonteera: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\websteroids.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2014-08-22 15:49:41 | 000,000,007 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2014-04-21 17:24:28 | 000,000,000 | ---D | M] - E:\AutoRun -- [ NTFS ] O32 - AutoRun File - [2005-08-19 14:34:28 | 000,733,184 | ---- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ NTFS ] O32 - AutoRun File - [2011-06-25 16:02:42 | 000,000,057 | RHS- | M] () - E:\AUTORUN.FCB -- [ NTFS ] O32 - AutoRun File - [2005-08-19 14:35:16 | 000,000,141 | ---- | M] () - E:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2005-08-05 02:15:54 | 000,585,728 | ---- | M] (Electronic Arts Inc.) - E:\AutoRunGUI.dll -- [ NTFS ] O33 - MountPoints2\{08e31b24-38df-11e2-9977-1c6f65576f76}\Shell - "" = AutoRun O33 - MountPoints2\{08e31b24-38df-11e2-9977-1c6f65576f76}\Shell\AutoRun\command - "" = G:\AutoRun.exe /s O33 - MountPoints2\{5c3b4230-1743-11e0-9115-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{5c3b4230-1743-11e0-9115-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{9746d3f2-b64e-11e1-9733-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{9746d3f2-b64e-11e1-9733-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{aa7ceb04-a7cd-11e0-932f-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{aa7ceb04-a7cd-11e0-932f-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{abc2695e-2955-11e0-9153-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{abc2695e-2955-11e0-9153-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{b6bf800e-a5a0-11e0-9325-0060b3088327}\Shell\AutoRun\command - "" = H:\eyruu.exe O33 - MountPoints2\{b6bf800e-a5a0-11e0-9325-0060b3088327}\Shell\open\Command - "" = H:\eyruu.exe O33 - MountPoints2\{b7f66834-0938-11e0-90d7-0060b3088327}\Shell\AutoRun\command - "" = H:\eyruu.exe O33 - MountPoints2\{b7f66834-0938-11e0-90d7-0060b3088327}\Shell\open\Command - "" = H:\eyruu.exe O33 - MountPoints2\{b7f66835-0938-11e0-90d7-0060b3088327}\Shell\AutoRun\command - "" = I:\eyruu.exe O33 - MountPoints2\{b7f66835-0938-11e0-90d7-0060b3088327}\Shell\open\Command - "" = I:\eyruu.exe O33 - MountPoints2\{b7f6687d-0938-11e0-90d7-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{b7f6687d-0938-11e0-90d7-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{dc77dbf6-e006-11e1-9814-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{dc77dbf6-e006-11e1-9814-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{e70a9ec4-fcb7-11e0-9403-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{e70a9ec4-fcb7-11e0-9403-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{f0add81e-b4d7-11e1-972e-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{f0add81e-b4d7-11e1-972e-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{fe5a9026-52d9-11e0-91f6-0060b3088327}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{fe5a9026-52d9-11e0-91f6-0060b3088327}\Shell\explore\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{fe5a9026-52d9-11e0-91f6-0060b3088327}\Shell\open\Command - "" = G:\ O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: x64 - (c:\program files\settings manager\systemk\x64\sysapcrt.dll) - File not found O36 - AppCertDlls: x86 - (C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll () O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)========== Files/Folders - Created Within 30 Days ========== [2014-08-21 02:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\SwitchBot [2014-08-21 00:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Soft-4-Free.com [2014-08-20 17:58:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Browser AdBlocker [2014-08-19 21:28:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew [2014-08-17 15:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Pulpit\smite [2014-08-17 15:44:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Hi-Rez Studios [2014-08-17 15:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\Hi-Rez Studios [2014-08-17 14:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data [2014-08-16 16:07:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 9 [2014-08-16 16:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2014-08-10 02:05:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Macromedia [2014-08-09 01:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Adobe [2014-08-08 20:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Curse Client [2014-08-08 20:05:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Curse [2014-08-08 19:47:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ADMIN\Recent [2014-08-08 19:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2014-08-08 19:33:37 | 000,000,000 | ---D | C] -- C:\logs [2014-08-04 09:12:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ReguLarDealss [2014-07-30 08:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-07-29 14:41:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Dane aplikacji\Awesomium [2014-07-29 14:37:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Hi-Rez Studios [2014-04-30 11:15:09 | 001,728,322 | ---- | C] (AnyProtect.com) -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\AnyProtectScannerSetup.exe [2012-01-23 14:49:50 | 002,371,152 | ---- | C] (DownVision ) -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\setup.exe [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]========== Files - Modified Within 30 Days ========== [2014-08-22 15:56:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-08-22 15:55:48 | 000,000,677 | ---- | M] () -- C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\7F6BDE.lnk [2014-08-22 15:55:48 | 000,000,380 | ---- | M] () -- C:\WINDOWS\tasks\BlockAndSurf_wd.job [2014-08-22 15:55:48 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\YTDownloader.job [2014-08-22 15:53:47 | 000,001,560 | ---- | M] () -- C:\WINDOWS\tasks\ca91e4a6-ab07-4dc2-9156-7c7e5962e962-7.job [2014-08-22 15:53:43 | 000,001,332 | ---- | M] () -- C:\WINDOWS\tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7.job [2014-08-22 15:50:15 | 000,001,316 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\Wyczyść rejestr za darmo!.lnk [2014-08-22 15:50:10 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job [2014-08-22 15:50:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job [2014-08-22 15:49:41 | 000,000,007 | -HS- | M] () -- C:\AUTOEXEC.BAT [2014-08-22 15:49:17 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\BlockAndSurf Update.job [2014-08-22 15:49:14 | 000,001,538 | ---- | M] () -- C:\WINDOWS\tasks\Apps Hat-updater.job [2014-08-22 15:49:14 | 000,001,400 | ---- | M] () -- C:\WINDOWS\tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6.job [2014-08-22 15:49:13 | 000,001,620 | ---- | M] () -- C:\WINDOWS\tasks\ca91e4a6-ab07-4dc2-9156-7c7e5962e962-6.job [2014-08-22 15:49:13 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\YTDownloaderUpd.job [2014-08-22 15:49:13 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\ShopperProJSUpd.job [2014-08-22 15:49:10 | 000,001,364 | ---- | M] () -- C:\WINDOWS\tasks\Apps Hat-enabler.job [2014-08-22 15:49:10 | 000,001,358 | ---- | M] () -- C:\WINDOWS\tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2.job [2014-08-22 15:49:10 | 000,001,350 | ---- | M] () -- C:\WINDOWS\tasks\fe460948-c484-4043-93ee-8f2111752f7a-2.job [2014-08-22 15:49:09 | 000,002,756 | ---- | M] () -- C:\WINDOWS\tasks\fe460948-c484-4043-93ee-8f2111752f7a-3.job [2014-08-22 15:49:09 | 000,002,134 | ---- | M] () -- C:\WINDOWS\tasks\fe460948-c484-4043-93ee-8f2111752f7a-4.job [2014-08-22 15:49:09 | 000,001,608 | ---- | M] () -- C:\WINDOWS\tasks\ca91e4a6-ab07-4dc2-9156-7c7e5962e962-2.job [2014-08-22 15:48:51 | 000,001,718 | ---- | M] () -- C:\WINDOWS\tasks\ca91e4a6-ab07-4dc2-9156-7c7e5962e962-5.job [2014-08-22 15:48:51 | 000,001,432 | ---- | M] () -- C:\WINDOWS\tasks\fe460948-c484-4043-93ee-8f2111752f7a-5.job [2014-08-22 15:48:50 | 000,001,484 | ---- | M] () -- C:\WINDOWS\tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5.job [2014-08-22 15:48:46 | 000,003,768 | ---- | M] () -- C:\WINDOWS\tasks\ca91e4a6-ab07-4dc2-9156-7c7e5962e962-3.job [2014-08-22 15:48:46 | 000,002,376 | ---- | M] () -- C:\WINDOWS\tasks\ca91e4a6-ab07-4dc2-9156-7c7e5962e962-4.job [2014-08-22 15:48:45 | 000,002,184 | ---- | M] () -- C:\WINDOWS\tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4.job [2014-08-22 15:48:43 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\ShopperPro.job [2014-08-22 15:48:40 | 000,002,362 | ---- | M] () -- C:\WINDOWS\tasks\Apps Hat-firefoxinstaller.job [2014-08-22 15:48:39 | 000,001,624 | ---- | M] () -- C:\WINDOWS\tasks\ca91e4a6-ab07-4dc2-9156-7c7e5962e962-1.job [2014-08-22 15:48:39 | 000,001,480 | ---- | M] () -- C:\WINDOWS\tasks\Apps Hat-codedownloader.job [2014-08-22 15:48:39 | 000,001,392 | ---- | M] () -- C:\WINDOWS\tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1.job [2014-08-22 15:48:39 | 000,001,362 | ---- | M] () -- C:\WINDOWS\tasks\fe460948-c484-4043-93ee-8f2111752f7a-1.job [2014-08-22 15:48:39 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\SMupdate3.job [2014-08-22 15:48:39 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\SMupdate2.job [2014-08-22 15:48:39 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\SMupdate1.job [2014-08-22 15:48:39 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job [2014-08-22 15:48:39 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job [2014-08-22 15:48:38 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2014-08-22 15:48:38 | 000,000,356 | -H-- | M] () -- C:\WINDOWS\tasks\couponsupport-S-649636217.job [2014-08-22 15:48:38 | 000,000,338 | ---- | M] () -- C:\WINDOWS\tasks\Lyrmix Update.job [2014-08-22 15:48:38 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\Go for FilesUpdate.job [2014-08-22 15:28:26 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2014-08-22 15:17:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014-08-22 15:08:00 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\SPBIW_UpdateTask_Time_333734303930313232312d235b783432415b45345a2d6c.job [2014-08-22 15:02:39 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job [2014-08-22 14:49:59 | 000,130,362 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\błąd.JPG [2014-08-22 14:49:43 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\ADMIN\Pulpit\bez tytułu.bmp [2014-08-22 14:08:28 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\Overwolf Updater Task.job [2014-08-22 13:15:00 | 000,000,452 | ---- | M] () -- C:\WINDOWS\tasks\DTReg.job [2014-08-22 12:16:21 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job [2014-08-22 02:09:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2014-08-21 15:44:32 | 000,000,565 | ---- | M] () -- C:\WINDOWS\System32\MyDefrag.debuglog [2014-08-21 15:08:32 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for ADMIN.job [2014-08-20 23:56:33 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job [2014-08-19 21:38:35 | 000,110,345 | ---- | M] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Bron.tok.A12.em.bin [2014-08-19 01:55:02 | 000,000,115 | ---- | M] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\WB.CFG [2014-08-18 15:59:44 | 000,001,696 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hi-Rez Diagnostics and Support.lnk [2014-08-18 15:59:44 | 000,001,687 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Smite.lnk [2014-08-18 12:14:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-08-18 01:49:26 | 000,147,968 | ---- | M] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-08-16 21:56:50 | 000,127,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-08-08 20:06:00 | 000,001,039 | ---- | M] () -- C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\Curse.lnk [2014-08-08 15:00:56 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job [2014-08-01 02:10:17 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\ADMIN\Moje dokumenty\ts3_clientui-win32-1403250090-2014-08-01 02_10_17.531250.dmp [2014-07-31 12:01:31 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\*.tmp files -> C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\*.tmp -> ]========== Files Created - No Company Name ========== [2014-08-22 14:49:59 | 000,130,362 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\błąd.JPG [2014-08-22 14:45:25 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\bez tytułu.bmp [2014-08-20 18:36:49 | 000,001,722 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Serious Sam Drugie Starcie.lnk [2014-08-20 18:36:47 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Serious Sam Pierwsze Starcie.lnk [2014-08-19 21:38:35 | 000,110,345 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Bron.tok.A12.em.bin [2014-08-18 15:59:44 | 000,001,696 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hi-Rez Diagnostics and Support.lnk [2014-08-18 15:59:44 | 000,001,687 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Smite.lnk [2014-08-17 10:08:01 | 000,001,316 | ---- | C] () -- C:\Documents and Settings\ADMIN\Pulpit\Wyczyść rejestr za darmo!.lnk [2014-08-10 07:53:44 | 001,668,034 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-796845957-1085031214-682003330-500-0.dat [2014-08-10 07:53:43 | 000,114,674 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2014-08-08 20:06:00 | 000,001,039 | ---- | C] () -- C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\Curse.lnk [2014-08-01 02:10:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ADMIN\Moje dokumenty\ts3_clientui-win32-1403250090-2014-08-01 02_10_17.531250.dmp [2014-05-01 07:44:14 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll [2014-05-01 07:44:14 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2014-05-01 07:43:01 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin [2014-04-30 11:10:52 | 000,000,324 | ---- | C] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\aps.uninstall.scan.results [2014-03-09 01:55:22 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\LocalService\Dane aplikacji\WB.CFG [2014-02-27 02:20:05 | 000,239,104 | ---- | C] () -- C:\WINDOWS\var.dll [2014-02-01 22:21:20 | 000,002,660 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol [2014-01-10 04:55:48 | 000,000,199 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\WB.CFG [2014-01-09 04:55:45 | 000,000,115 | ---- | C] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\WB.CFG [2013-10-11 00:00:29 | 000,823,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2013-10-09 15:44:39 | 000,001,116 | RHS- | C] () -- C:\Documents and Settings\ADMIN\ntuser.pol [2013-07-04 01:10:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2013-04-14 19:41:42 | 000,000,047 | ---- | C] () -- C:\WINDOWS\bomber.ini [2013-04-10 22:29:48 | 000,000,026 | ---- | C] () -- C:\WINDOWS\compedia.ini [2013-01-25 08:03:21 | 000,588,800 | ---- | C] () -- C:\WINDOWS\kb680802.exe [2013-01-25 00:02:30 | 000,588,800 | ---- | C] () -- C:\WINDOWS\kb243699.exe [2013-01-24 16:02:28 | 000,588,800 | ---- | C] () -- C:\WINDOWS\kb210068.exe [2013-01-24 08:02:19 | 000,588,800 | ---- | C] () -- C:\WINDOWS\kb481628.exe [2013-01-24 00:08:20 | 000,588,800 | ---- | C] () -- C:\WINDOWS\kb763382.exe [2012-11-24 08:21:11 | 000,016,677 | ---- | C] () -- C:\WINDOWS\wininit.ini [2012-11-15 15:41:53 | 000,004,962 | ---- | C] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\setup.inf [2012-11-15 15:41:53 | 000,000,283 | ---- | C] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\setup.rpt [2012-09-13 17:58:56 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\All Users\lxdi [2012-09-03 23:33:05 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2012-09-03 19:10:38 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-27 18:55:41 | 000,000,288 | ---- | C] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\.backup.dm [2012-01-23 14:49:28 | 000,460,624 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\promo.exe [2012-01-18 09:53:10 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\winlogon.exe [2012-01-18 09:53:10 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\smss.exe [2012-01-18 09:53:10 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\services.exe [2012-01-18 09:53:10 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\lsass.exe [2012-01-18 09:53:10 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\inetinfo.exe [2012-01-18 09:53:10 | 000,042,687 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\csrss.exe [2010-12-16 21:08:52 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-12-16 20:45:07 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\ADMIN\Dane aplikacji\PnkBstrK.sys [2010-12-16 00:37:46 | 000,147,968 | ---- | C] () -- C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini========== ZeroAccess Check ========== [2010-12-09 17:25:31 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-07-16 23:33:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-07-16 23:33:00 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009-07-16 23:33:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both========== Alternate Data Streams ========== @Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:AD022376 @Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:373E1720 @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:D1B5B4F1 < End of report >[/spoiler] A oto Extras.txt [spoiler]OTL Extras logfile created on: 2014-08-22 15:57:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\ADMIN\Moje dokumenty\Pobrane Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,64 Gb Available Physical Memory | 88,13% Memory free 4,84 Gb Paging File | 4,72 Gb Available in Paging File | 97,53% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 34,95 Gb Free Space | 35,79% Space Free | Partition Type: NTFS Drive E: | 368,10 Gb Total Space | 32,18 Gb Free Space | 8,74% Space Free | Partition Type: NTFS Computer Name: ADMIN | User Name: ADMIN | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (FTA ApS) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\komba\Combat Arms EU\CombatArms.exe" = E:\komba\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\komba\Combat Arms EU\Engine.exe" = E:\komba\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\CES\Combat Arms EU\CombatArms.exe" = E:\CES\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\CES\Combat Arms EU\Engine.exe" = E:\CES\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "C:\Program Files\Lexmark 3500-4500 Series\app4r.exe" = C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Lexmark Imaging Studio [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Metin2\metin2.bin" = C:\Program Files\Metin2\metin2.bin:*:Disabled:metin2 "C:\Program Files\Metin2\metin2client.bin" = C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client "C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- () "C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- () "C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager "C:\Documents and Settings\ADMIN\Pulpit\Metin\metin2.bin" = C:\Documents and Settings\ADMIN\Pulpit\Metin\metin2.bin:*:Enabled:metin2 "C:\Documents and Settings\ADMIN\Pulpit\Nowy folder\metin2.bin" = C:\Documents and Settings\ADMIN\Pulpit\Nowy folder\metin2.bin:*:Enabled:metin2 "C:\Documents and Settings\ADMIN\Pulpit\Nowy folder\metin2client.bin" = C:\Documents and Settings\ADMIN\Pulpit\Nowy folder\metin2client.bin:*:Enabled:metin2client "C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe" = C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit "C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFS11.exe" = C:\Program Files\Electronic Arts\Need for Speed(TM) Hot Pursuit\NFS11.exe:*:Disabled:Need for Speed(TM) Hot Pursuit Application "E:\Program Files\StarCraft II\StarCraft II.exe" = E:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher "E:\Program Files\EA SPORTS\FIFA 06\fifa06.exe" = E:\Program Files\EA SPORTS\FIFA 06\fifa06.exe:*:Disabled:fifa06 "E:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe" = E:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe:*:Disabled:Mass Effect 2 "C:\Documents and Settings\ADMIN\Pulpit\Metin\metin2client.bin" = C:\Documents and Settings\ADMIN\Pulpit\Metin\metin2client.bin:*:Disabled:metin2client "C:\Documents and Settings\ADMIN\Pulpit\tomek to chui\metin2.bin" = C:\Documents and Settings\ADMIN\Pulpit\tomek to chui\metin2.bin:*:Disabled:metin2 "C:\Documents and Settings\ADMIN\Pulpit\tomek to chui\metin2client.bin" = C:\Documents and Settings\ADMIN\Pulpit\tomek to chui\metin2client.bin:*:Disabled:metin2client "C:\Documents and Settings\ADMIN\Pulpit\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe:*:Disabled:DragonMT2 Klient "C:\Documents and Settings\ADMIN\Pulpit\baiki\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\baiki\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe:*:Disabled:DragonMT2 Klient "C:\Documents and Settings\ADMIN\Moje dokumenty\baiki\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Moje dokumenty\baiki\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe:*:Disabled:DragonMT2 Klient "C:\Documents and Settings\ADMIN\Pulpit\MAIA\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\MAIA\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe:*:Disabled:DragonMT2 Klient "E:\Program Files\Gadu-Gadu 10\gg.exe" = E:\Program Files\Gadu-Gadu 10\gg.exe:*:Disabled:Gadu-Gadu 10 "C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club "C:\Documents and Settings\ADMIN\Dane aplikacji\PowerChallenge\PowerSoccer\PowerSoccer.exe" = C:\Documents and Settings\ADMIN\Dane aplikacji\PowerChallenge\PowerSoccer\PowerSoccer.exe:*:Disabled:PowerSoccer -- () "C:\Documents and Settings\ADMIN\Pulpit\MAIA\XTRAS\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\MAIA\XTRAS\Metin Chinski\DragonMT2\DragonMT2\DragonMT2.exe:*:Disabled:DragonMT2 Klient "E:\Program Files\NAMCO BANDAI Games\Warhammer Mark of Chaos DEMO\Warhammer_DEMO.exe" = E:\Program Files\NAMCO BANDAI Games\Warhammer Mark of Chaos DEMO\Warhammer_DEMO.exe:*:Disabled:Warhammer®: Mark of Chaos™ Single Player Demo "C:\Documents and Settings\ADMIN\Moje dokumenty\AA\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Moje dokumenty\AA\DragonMT2.exe:*:Disabled:DragonMT2 Klient "C:\Documents and Settings\ADMIN\Moje dokumenty\GTA Vice City User Files\ces\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Moje dokumenty\GTA Vice City User Files\ces\DragonMT2.exe:*:Disabled:DragonMT2 Klient "E:\gry1232\PES2008.exe" = E:\gry1232\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 "C:\Documents and Settings\ADMIN\Pulpit\PES2008.exe" = C:\Documents and Settings\ADMIN\Pulpit\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 "C:\Documents and Settings\ADMIN\Pulpit\gry\PES2008.exe" = C:\Documents and Settings\ADMIN\Pulpit\gry\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008 "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes] "C:\Documents and Settings\ADMIN\Pulpit\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\DragonMT2\DragonMT2.exe:*:Enabled:DragonMT2 "C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\komba\Combat Arms EU\CombatArms.exe" = E:\komba\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "G:\PandoraMT2\PandoraMT2.exe" = G:\PandoraMT2\PandoraMT2.exe:*:Enabled:PandoraMT2 Klient "C:\Documents and Settings\ADMIN\Pulpit\Pandora MT2\PandoraMT2\PandoraMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\Pandora MT2\PandoraMT2\PandoraMT2.exe:*:Enabled:PandoraMT2 Klient "C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\PandoraMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\PandoraMT2.exe:*:Disabled:PandoraMT2 Klient "C:\Documents and Settings\ADMIN\Pulpit\wwo\muza]]\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\wwo\muza]]\DragonMT2.exe:*:Enabled:DragonMT2 Klient "C:\Documents and Settings\ADMIN\Pulpit\Tapety\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\Tapety\DragonMT2\DragonMT2.exe:*:Enabled:DragonMT2 "C:\Documents and Settings\ADMIN\Pulpit\Metin\DragonMT2\DragonMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\Metin\DragonMT2\DragonMT2.exe:*:Enabled:DragonMT2 "C:\Documents and Settings\ADMIN\Pulpit\gry\GRY Z NOWEI PŁYTY\Metin\metin2client.bin" = C:\Documents and Settings\ADMIN\Pulpit\gry\GRY Z NOWEI PŁYTY\Metin\metin2client.bin:*:Enabled:metin2client "C:\Documents and Settings\ADMIN\Pulpit\Tapety\Metin\metin2client.bin" = C:\Documents and Settings\ADMIN\Pulpit\Tapety\Metin\metin2client.bin:*:Enabled:metin2client "C:\Program Files\EA SPORTS\FIFA 11\Game\fifa.exe" = C:\Program Files\EA SPORTS\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11 "C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Documents and Settings\ADMIN\Pulpit\Tapety\Pandora MT2\PandoraMT2\PandoraMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\Tapety\Pandora MT2\PandoraMT2\PandoraMT2.exe:*:Enabled:PandoraMT2 Klient "E:\CES\Metin2\metin2client.bin" = E:\CES\Metin2\metin2client.bin:*:Enabled:metin2client "E:\Program Files\Counter-Strike 1.6\hl.exe" = E:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher "E:\Program Files\Counter-Strike 1.6\hlds.exe" = E:\Program Files\Counter-Strike 1.6\hlds.exe:*:Enabled:HLDS Launcher "G:\hl.exe" = G:\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\ADMIN\Pulpit\Gandzia\hltv.exe" = C:\Documents and Settings\ADMIN\Pulpit\Gandzia\hltv.exe:*:Enabled:HLTV Launcher "C:\Documents and Settings\ADMIN\Pulpit\Gandzia\hl.exe" = C:\Documents and Settings\ADMIN\Pulpit\Gandzia\hl.exe:*:Enabled:Half-Life Launcher "G:\ProMT2\csrss.sys" = G:\ProMT2\csrss.sys:*:Enabled:csrss "C:\Program Files\e-zasoby\giFT\giFTl.exe" = C:\Program Files\e-zasoby\giFT\giFTl.exe:*:Enabled:Pobieraj pliki z internetu "C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule "C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger -- (Creative Team S.A.) "G:\DragonMT2.exe" = G:\DragonMT2.exe:*:Enabled:DragonMT2 "H:\DragonMT2.exe" = H:\DragonMT2.exe:*:Enabled:DragonMT2 "E:\CES\Combat Arms EU\CombatArms.exe" = E:\CES\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe "E:\CES\Combat Arms EU\Engine.exe" = E:\CES\Combat Arms EU\Engine.exe:*Enabled:Engine.exe "E:\CES\Combat Arms EU\NMService.exe" = E:\CES\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "E:\komba\Combat Arms EU\NMService.exe" = E:\komba\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "C:\Documents and Settings\tomasz\Moje dokumenty\Combat Arms EU\NMService.exe" = C:\Documents and Settings\tomasz\Moje dokumenty\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "E:\Gadu-Gadu 10\gg.exe" = E:\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 "E:\komba\EADM\Core.exe" = E:\komba\EADM\Core.exe:*:Enabled:EA Download Manager "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\nemory\XenoX_MT2_Klient(nowy patch)\metin2client.exe" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\nemory\XenoX_MT2_Klient(nowy patch)\metin2client.exe:*:Enabled:metin2client "C:\Program Files\iMetin\starter.exe" = C:\Program Files\iMetin\starter.exe:*:Enabled:starter "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\PandoraMT2(2)\PandoraMT2\metin2.bin" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\PandoraMT2(2)\PandoraMT2\metin2.bin:*:Enabled:metin2 "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\nemory\EliteMT2\metin2.bin" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\nemory\EliteMT2\metin2.bin:*:Enabled:metin2 "E:\Program Files\Mozilla Firefox\CavalosMT2\Launcher.exe" = E:\Program Files\Mozilla Firefox\CavalosMT2\Launcher.exe:*:Enabled:Launcher "E:\CES\Metin2\metin2.exe" = E:\CES\Metin2\metin2.exe:*:Enabled:metin2 "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\LomaxMT2\LomaxMT2\LomaxMT2.exe" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\LomaxMT2\LomaxMT2\LomaxMT2.exe:*:Enabled:LomaxMT2 "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client 2011\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client 2011\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "E:\komba\game.exe" = E:\komba\game.exe:*:Enabled:game "C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client 2011\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client 2011\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client 2011\Metin5 S1 Oficial Client\metin2mod_2011sf.exe" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client 2011\Metin5 S1 Oficial Client\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf "C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client\metin2mod_2011sf.exe" = C:\Documents and Settings\ADMIN\Pulpit\gry\metin\Metin5 S1 Oficial Client\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf "C:\Program Files\DownVision\DownVision.exe" = C:\Program Files\DownVision\DownVision.exe:*:Enabled:DownVision "G:\SonixMT2\Launcher.exe" = G:\SonixMT2\Launcher.exe:*:Enabled:Launcher "C:\Documents and Settings\ADMIN\Pulpit\SonixMT2\Launcher.exe" = C:\Documents and Settings\ADMIN\Pulpit\SonixMT2\Launcher.exe:*:Enabled:Launcher "C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\metin2.bin" = C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\metin2.bin:*:Enabled:metin2 "C:\Program Files\Metin2\metin2mod_2011sf.exe" = C:\Program Files\Metin2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf "C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\Launcher.exe" = C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\Launcher.exe:*:Enabled:Launcher "C:\Program Files\Balmora.pl\metin2client.dll" = C:\Program Files\Balmora.pl\metin2client.dll:*:Enabled:metin2client "E:\Program Files\GameSpy Arcade\Aphex.exe" = E:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade "C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam "C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "E:\komba\Combat Arms EU\Engine.exe" = E:\komba\Combat Arms EU\Engine.exe:*:Enabled:Combat Arms "E:\Program Files\THQ\Dawn of War\W40k.exe" = E:\Program Files\THQ\Dawn of War\W40k.exe:*:Disabled:W40K "C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 "C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 "C:\WINDOWS\system32\lxdicoms.exe" = C:\WINDOWS\system32\lxdicoms.exe:*:Enabled:3500-4500 Series Server "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdipswx.exe:*:Enabled:Printer Status Window Interface "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxditime.exe:*:Enabled:Lexmark Connect Time Executable "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdijswx.exe:*:Enabled:Job Status Window Interface "C:\Program Files\Gadu-Gadu 10\gg.exe" = C:\Program Files\Gadu-Gadu 10\gg.exe:*:Enabled:Gadu-Gadu 10 "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe" = C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe:*:Enabled:Device Monitor Application "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiwbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiwbgw.exe:*:Enabled:Lexmark Web Gateway "C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation) "C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client\WinRARSDM.exe" = C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client\WinRARSDM.exe:*:Enabled:InHouseSDM Setup "E:\starter.exe" = E:\starter.exe:*:Enabled:starter "C:\Documents and Settings\ADMIN\Pulpit\XenoXMT2client_11.02.2012r_by_Pawemol\metin2mod_2011sf.exe" = C:\Documents and Settings\ADMIN\Pulpit\XenoXMT2client_11.02.2012r_by_Pawemol\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf "C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client\metin2mod_2011sf.exe" = C:\Documents and Settings\ADMIN\Pulpit\Metin5 S1 Oficial Client\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf "C:\Documents and Settings\ADMIN\Pulpit\XenoXT2Client_13_04_2012_by_Pawemol\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe" = C:\Documents and Settings\ADMIN\Pulpit\XenoXT2Client_13_04_2012_by_Pawemol\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher "C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\metin2mod_2011sf.exe" = C:\Documents and Settings\ADMIN\Pulpit\PandoraMT2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf "E:\iMetin.exe" = E:\iMetin.exe:*:Enabled:METIN2UPDATER "C:\Documents and Settings\ADMIN\Pulpit\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe" = C:\Documents and Settings\ADMIN\Pulpit\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher "C:\Program Files\EA SPORTS\EA SPORTS FIFA 12 Demo\Game\fifa.exe" = C:\Program Files\EA SPORTS\EA SPORTS FIFA 12 Demo\Game\fifa.exe:*:Enabled:FIFA 12 "G:\XenoXT2Client_13_04_2012_by_Pawemol\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe" = G:\XenoXT2Client_13_04_2012_by_Pawemol\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher "G:\counter strike\hl.exe" = G:\counter strike\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\ADMIN\Pulpit\counter strike\hl.exe" = C:\Documents and Settings\ADMIN\Pulpit\counter strike\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\ADMIN\Pulpit\counter strike\hlds.exe" = C:\Documents and Settings\ADMIN\Pulpit\counter strike\hlds.exe:*:Enabled:HLDS Launcher "E:\Program Files\HammerMT2\MSS321.dll" = E:\Program Files\HammerMT2\MSS321.dll:*:Enabled:MSS321 "C:\Documents and Settings\ADMIN\Pulpit\counter strike\hltv.exe" = C:\Documents and Settings\ADMIN\Pulpit\counter strike\hltv.exe:*:Enabled:HLTV Launcher "C:\Documents and Settings\ADMIN\Pulpit\CS\counter strike\hl.exe" = C:\Documents and Settings\ADMIN\Pulpit\CS\counter strike\hl.exe:*:Enabled:Half-Life Launcher "C:\Program Files\HammerMT2\MSS321.dll" = C:\Program Files\HammerMT2\MSS321.dll:*:Enabled:MSS321 "C:\Documents and Settings\ADMIN\Pulpit\METINY\XenoXT2Client_13_04_2012_by_Pawemol\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\XenoXT2Client_13_04_2012_by_Pawemol\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher "C:\Documents and Settings\ADMIN\Pulpit\GRY\CS\counter strike\hl.exe" = C:\Documents and Settings\ADMIN\Pulpit\GRY\CS\counter strike\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\ADMIN\Pulpit\GRY\counter strike\counter strike\hl.exe" = C:\Documents and Settings\ADMIN\Pulpit\GRY\counter strike\counter strike\hl.exe:*:Enabled:Half-Life Launcher "C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2.bin" = C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2.bin:*:Enabled:metin2 "C:\Documents and Settings\ADMIN\Pulpit\cs\hltv.exe" = C:\Documents and Settings\ADMIN\Pulpit\cs\hltv.exe:*:Enabled:HLTV Launcher "C:\Documents and Settings\ADMIN\Pulpit\METINY\starter.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\starter.exe:*:Enabled:starter "C:\HammerMT2\MSS321.dll" = C:\HammerMT2\MSS321.dll:*:Enabled:MSS321 "C:\Documents and Settings\ADMIN\Pulpit\METINY\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Program Files\City Interactive\Overspeed\LASR.exe" = C:\Program Files\City Interactive\Overspeed\LASR.exe:*:Enabled:Overspeed "C:\Documents and Settings\ADMIN\Pulpit\METINY\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\XenoXMT2client_11.02.2012r_by_Pawemol\XenoxMT2 Launcher.exe:*:Enabled:XenoxMT2 Launcher "E:\Program Files\Steam\Steam.exe" = E:\Program Files\Steam\Steam.exe:*:Enabled:Steam "C:\Documents and Settings\ADMIN\Ustawienia lokalne\Temp\incredibar_install.exe" = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Temp\incredibar_install.exe:*:Enabled:IncrediBar Installer "C:\WINDOWS\system32\dmwu.exe" = C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu "E:\Program Files\Metin2\metin2client.bin" = E:\Program Files\Metin2\metin2client.bin:*:Enabled:Metin2Client "C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2mod_2011sf.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2mod_2011sf.exe:*:Enabled:metin2mod_2011sf "C:\Documents and Settings\ADMIN\Pulpit\METINY\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Documents and Settings\ADMIN\Dane aplikacji\Balmora.pl\metin2client.dll" = C:\Documents and Settings\ADMIN\Dane aplikacji\Balmora.pl\metin2client.dll:*:Enabled:metin2client "C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\Launcher.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\Launcher.exe:*:Enabled:Launcher "C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2client.bin" = C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2client.bin:*:Enabled:metin2client "C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2client.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\PandoraMT2\metin2client.exe:*:Enabled:metin2client "C:\Documents and Settings\ADMIN\Pulpit\GRY\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\GRY\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "C:\Program Files\Lexmark 3500-4500 Series\App4R.exe" = C:\Program Files\Lexmark 3500-4500 Series\App4R.exe:*:Enabled:Printing Application "C:\Documents and Settings\ADMIN\Pulpit\METINY\iMetin.exe" = C:\Documents and Settings\ADMIN\Pulpit\METINY\iMetin.exe:*:Enabled:METIN2UPDATER "C:\Program Files\City Interactive\Overspeed\dedicated server.exe" = C:\Program Files\City Interactive\Overspeed\dedicated server.exe:*:Enabled:Overspeed Dedicated Server "C:\Documents and Settings\ADMIN\Pulpit\bak\Balmora.pl\metin2client.dll" = C:\Documents and Settings\ADMIN\Pulpit\bak\Balmora.pl\metin2client.dll:*:Enabled:metin2client "C:\Documents and Settings\ADMIN\Pulpit\bak\Balmora.pl\game.bin" = C:\Documents and Settings\ADMIN\Pulpit\bak\Balmora.pl\game.bin:*:Enabled:game "C:\Documents and Settings\ADMIN\Pulpit\bak\METINY\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\game.bin" = C:\Documents and Settings\ADMIN\Pulpit\bak\METINY\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\game.bin:*:Enabled:game "C:\Documents and Settings\ADMIN\Pulpit\bak\METINY\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\Metin5.exe" = C:\Documents and Settings\ADMIN\Pulpit\bak\METINY\Metin5 S1 Oficial Client 03 Marzec 2012\Metin5 S1 Oficial Client\Metin5.exe:*:Enabled:Metin5 "G:\GAME.BIN" = G:\GAME.BIN:*:Enabled:GAME "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe" = C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe:*:Enabled:Device Monitor "C:\Documents and Settings\ADMIN\Ustawienia lokalne\Temp\lxdi\wireless\POLISH\lxdiwpss.exe" = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Temp\lxdi\wireless\POLISH\lxdiwpss.exe:*:Enabled: "H:\metin2.bin" = H:\metin2.bin:*:Enabled:metin2 "C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "E:\lo9ol\game.bin" = E:\lo9ol\game.bin:*:Enabled:game "C:\Games\World_of_Tanks\WorldOfTanks.exe" = C:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks "C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*:Enabled:Combat Arms "C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe" = C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client -- (Akamai Technologies, Inc.) "E:\lo9ol\Combat Arms EU\NMService.exe" = E:\lo9ol\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "E:\lo9ol\starter.exe" = E:\lo9ol\starter.exe:*:Enabled:starter "E:\lo9ol\iMetin\starter.exe" = E:\lo9ol\iMetin\starter.exe:*:Enabled:starter "C:\Documents and Settings\ADMIN\Pulpit\iMetin\starter.exe" = C:\Documents and Settings\ADMIN\Pulpit\iMetin\starter.exe:*:Enabled:starter "E:\Beata\iMetin\starter.exe" = E:\Beata\iMetin\starter.exe:*:Enabled:starter "E:\lo9ol\pack\iMetin\starter.exe" = E:\lo9ol\pack\iMetin\starter.exe:*:Enabled:starter "E:\Beata\wuio\iMetin\starter.exe" = E:\Beata\wuio\iMetin\starter.exe:*:Enabled:starter -- () "C:\Program Files\JoWood\Spellforce 2 Złota Edycja\spellforce2.exe" = C:\Program Files\JoWood\Spellforce 2 Złota Edycja\spellforce2.exe:*:Enabled:spellforce2 "E:\Beata\GladoR Client s2\glador.bin" = E:\Beata\GladoR Client s2\glador.bin:*:Enabled:Metin2Client "E:\lo9ol\GladoR Client s2\msvrp100.dll" = E:\lo9ol\GladoR Client s2\msvrp100.dll:*:Enabled:Metin2Client "E:\lo9ol\lol\Riot Games\League of Legends\P(_)P - L0ad3r.exe" = E:\lo9ol\lol\Riot Games\League of Legends\P(_)P - L0ad3r.exe:*:Enabled:P(_)P - L0ad3r "E:\lo9ol\VirtualMT2\VirtualMT2\metin2.bin" = E:\lo9ol\VirtualMT2\VirtualMT2\metin2.bin:*:Enabled:metin2 -- () "E:\lo9ol\Combat Arms EU\Engine.exe" = E:\lo9ol\Combat Arms EU\Engine.exe:*:Enabled:Combat Arms "E:\lo9ol\lol\Riot Games\League of Legends\MarinerMT2pl\MarinerMT2.pl\MarinerMT2.exe" = E:\lo9ol\lol\Riot Games\League of Legends\MarinerMT2pl\MarinerMT2.pl\MarinerMT2.exe:*:Enabled:MarinerMT2 -- () "E:\lo9ol\MarinerMT2pl\MarinerMT2.pl\MarinerMT2.exe" = E:\lo9ol\MarinerMT2pl\MarinerMT2.pl\MarinerMT2.exe:*:Enabled:MarinerMT2 -- () "E:\Games\Counter-Strike\hl.exe" = E:\Games\Counter-Strike\hl.exe:*:Disabled:Half-Life Launcher "E:\lo9ol\lol\Riot Games\League of Legends\hl.exe" = E:\lo9ol\lol\Riot Games\League of Legends\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "E:\lo9ol\lol\Riot Games\League of Legends\hlds.exe" = E:\lo9ol\lol\Riot Games\League of Legends\hlds.exe:*:Enabled:HLDS Launcher -- (Valve) "E:\lo9ol\hl.exe" = E:\lo9ol\hl.exe:*:Disabled:Half-Life Launcher "E:\lo9ol\hlds.exe" = E:\lo9ol\hlds.exe:*:Enabled:HLDS Launcher "E:\lo9ol\lol\Riot Games\League of Legends\ Counter Strike 1.6\hltv.exe" = E:\lo9ol\lol\Riot Games\League of Legends\ Counter Strike 1.6\hltv.exe:*:Enabled:HLTV Launcher "C:\Program Files\IAHGames\Counter-Strike Online\Bin\cstrike-online.exe" = C:\Program Files\IAHGames\Counter-Strike Online\Bin\cstrike-online.exe:*:Enabled:Counter-Strike Online "E:\Program Files\IAHGames\Counter-Strike Online\Bin\cstrike-online.exe" = E:\Program Files\IAHGames\Counter-Strike Online\Bin\cstrike-online.exe:*:Enabled:Counter-Strike Online "C:\MicroVolts Package\MicroVolts Downloader.exe" = C:\MicroVolts Package\MicroVolts Downloader.exe:*:Enabled:MicroVolts_Downloader -- (Rock Hippo Productions Ltd.) "E:\Games\World_of_Tanks\WoTLauncher.exe" = E:\Games\World_of_Tanks\WoTLauncher.exe:*:Enabled:World of Tanks Launcher "E:\Games\World_of_Tanks\WorldOfTanks.exe" = E:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks "C:\Program Files\File Type Assistant\TSAssist.exe" = C:\Program Files\File Type Assistant\TSAssist.exe:*:Enabled:ProgramUpdateCheck -- (FTA ApS) "C:\Program Files\Ubisoft\Register\Combat Arms EU\NMService.exe" = C:\Program Files\Ubisoft\Register\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core "C:\Program Files\Ubisoft\Register\Combat Arms EU\Engine.exe" = C:\Program Files\Ubisoft\Register\Combat Arms EU\Engine.exe:*:Enabled:Combat Arms "C:\Documents and Settings\ADMIN\Dane aplikacji\GameRanger\GameRanger\GameRanger.exe" = C:\Documents and Settings\ADMIN\Dane aplikacji\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger -- (GameRanger Technologies) "C:\Program Files\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe" = C:\Program Files\Ubisoft\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V -- () "C:\Program Files\O22y Inc\SWAT 4 Collection\ContentExpansion\System\Swat4X.exe" = C:\Program Files\O22y Inc\SWAT 4 Collection\ContentExpansion\System\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate -- (Sierra Entertainment, Inc.) "C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtuser.exe" = C:\Program Files\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtuser.exe:*:Enabled:Movies Toolbar (Dist. by Bandoo Media, Inc.) DTX Broker "C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe" = C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA) "E:\lo9ol\VirtualMT2\VirtualMT2\VirtualMT2 (bez patchera).exe" = E:\lo9ol\VirtualMT2\VirtualMT2\VirtualMT2 (bez patchera).exe:*:Enabled:VirtualMT2 (bez patchera) -- () "E:\lo9ol\GameforgeLive\gfl_client.exe" = E:\lo9ol\GameforgeLive\gfl_client.exe:*:Enabled:Gameforge Live -- () "C:\Program Files\O22y Inc\SWAT 4 Collection\Content\System\Swat4DedicatedServer.exe" = C:\Program Files\O22y Inc\SWAT 4 Collection\Content\System\Swat4DedicatedServer.exe:*:Enabled:SWAT 4 -- (Sierra Entertainment, Inc.) "C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe" = C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW -- () "C:\Program Files\Serious Sam Drugie Starcie\Bin\SeriousSam.exe" = C:\Program Files\Serious Sam Drugie Starcie\Bin\SeriousSam.exe:*:Enabled:SeriousSam -- () "C:\Program Files\O22y Inc\SWAT 4 Collection\ContentExpansion\System\Swat4XDedicatedServer.exe" = C:\Program Files\O22y Inc\SWAT 4 Collection\ContentExpansion\System\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate -- (Sierra Entertainment, Inc.) "C:\Documents and Settings\ADMIN\Pulpit\Invoria.pl 08.06.2014\Invoria.pl\Invoria.pl.exe" = C:\Documents and Settings\ADMIN\Pulpit\Invoria.pl 08.06.2014\Invoria.pl\Invoria.pl.exe:*:Enabled:Metin2Client "C:\Documents and Settings\ADMIN\Pulpit\ShivaMt2 Official 13.05.2014\ShivaMt2 Official 13.05.2014\ShivaMt2 Client\ShivaMt2.exe" = C:\Documents and Settings\ADMIN\Pulpit\ShivaMt2 Official 13.05.2014\ShivaMt2 Official 13.05.2014\ShivaMt2 Client\ShivaMt2.exe:*:Enabled:ShivaMt2 Client "C:\Documents and Settings\ADMIN\Pulpit\ExoriaMT2.pl-Oficjalny-11.07.2014\ExoriaMT2.pl-Oficjalny-11.07.2014\[E]xoriaMT2.pl.exe" = C:\Documents and Settings\ADMIN\Pulpit\ExoriaMT2.pl-Oficjalny-11.07.2014\ExoriaMT2.pl-Oficjalny-11.07.2014\[E]xoriaMT2.pl.exe:*:Enabled:Metin2Client "C:\Program Files\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\Smite.exe" = C:\Program Files\Hi-Rez Studios\HiRezGames\smite\Binaries\Win32\Smite.exe:*:Enabled:Smite "E:\lo9ol\lol\GladoR Client s2\msvrp100.dll" = E:\lo9ol\lol\GladoR Client s2\msvrp100.dll:*:Enabled:Metin2Client -- (Ymir Entertainment) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\TeamViewer\Version9\TeamViewer.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Documents and Settings\ADMIN\Pulpit\ShivaMt2 Official 24.07.2014\ShivaMt2 Official 24.07.2014\ShivaMt2 Client\ShivaMt2.exe" = C:\Documents and Settings\ADMIN\Pulpit\ShivaMt2 Official 24.07.2014\ShivaMt2 Official 24.07.2014\ShivaMt2 Client\ShivaMt2.exe:*:Enabled:ShivaMt2 Client "C:\Documents and Settings\ADMIN\Pulpit\MP3\ShivaMt2 Official 24.07.2014\ShivaMt2 Official 24.07.2014\ShivaMt2 Client\ShivaMt2.exe" = C:\Documents and Settings\ADMIN\Pulpit\MP3\ShivaMt2 Official 24.07.2014\ShivaMt2 Official 24.07.2014\ShivaMt2 Client\ShivaMt2.exe:*:Enabled:ShivaMt2 Client -- (ShivaMt2) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{161E29AB-6F9A-4B03-A3FC-A6F63E477F58}" = Balmora.pl "{1D2ABF6A-2B19-3E94-0991-5B5BDB7134DA}" = ShoppingChip "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29 "{2850F3B8-D849-4DBE-BEAF-4DCF14B5E47A}" = Dwukierunkowy słownik angielsko-polski "{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager "{2F5E93AA-9D8C-AE4D-C794-7F0633216558}" = UTubeAdBloCk "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{37476589-E48E-439E-A706-56189E2ED4C4}_is1" = Browser AdBlocker "{397C5D1A-B7E6-453B-9A64-23206F73E0E5}" = ArcSoft MediaImpression 2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{478472F9-9E09-492A-BDAB-42EE595EF1AD}" = FFuunDeeals "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5DE67937-45D5-45E4-923C-0B7F7EC929A7}" = League of Legends "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5F189DF5-2D05-472B-9091-84D9848AE48B}{d93cc0a5}" = Assistant "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{64EC9B11-008A-4117-86AD-E7ADB0B596E4}" = FULL-DISKfighter "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}" = ReguLarDealss "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{85DAE0C8-B3BB-11D8-88E4-0004769F25D1}" = Spellforce "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}" = RaNdomPrice "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007 "{90120000-00B2-0415-0000-0000000FF1CE}" = Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.1 "Baby Genius" "{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}" = FUnu22SavE "{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.5 - Polish "{B10BC31B-DBC6-56FE-DD3D-DD4E49A3E6CE}" = saveitKeep. "{BC61F51E-8AF7-46B9-AF20-B33B5EE81045}" = Nero 7 Essentials "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1 "{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}" = Curse "{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T "{EFC97089-04D6-42CE-A707-A343B4A7D2CD}" = Ghost Recon Advanced Warfighter "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8C02517-4AC3-4026-8292-ACF23E98A7D7}" = Activision(R) "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{ORAHSS}.UninstallSuite" = Livebox "Adobe Acrobat 4.0" = Adobe Acrobat 4.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "ALLPlayer V2.2.9_is1" = ALLPlayer V2.2.9 "CCleaner" = CCleaner "Chica Password Manager 2.0_is1" = Chica Password Manager 2.0 2.0.0.8 "Combat Arms EU" = Combat Arms EU "DAEMON Tools Lite" = DAEMON Tools Lite "Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5 "DivX Setup.divx.com" = DivX Setup "DownLite" = DownLite "FastMediaConverter" = FastMediaConverter "fst_pl_111_is1" = fst_pl_111 "FULL-DISKfighter" = FULL-DISKfighter "Google Chrome" = Google Chrome "KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full) "League of Legends 3.0.1" = League of Legends "Metin2_is1" = Metin2 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Mobogenie3" = Mobogenie3 "Mozilla ActiveX Control v1.7.12" = Mozilla ActiveX Control v1.7.12 "Mozilla Firefox 17.0.1 (x86 pl)" = Mozilla Firefox 17.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MyPC Backup" = MyPC Backup "MySSID_is1" = Vtune 7.13 "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NSS" = Norton Security Scan "Object Browser" = Object Browser "OpenAL" = OpenAL "Optimizer Pro_is1" = Optimizer Pro v3.2 "Overwolf" = Overwolf "Plus-HD-9.1" = Plus-HD-9.1 "PunkBusterSvc" = PunkBuster Services "qone8 uninstaller" = qone8 uninstaller "RegClean Pro_is1" = RegClean Pro "S-649636217" = CouponSupport "Sense" = Sense "Serious Sam Pierwsze Starcie" = Serious Sam Pierwsze Starcie "Settings Manager" = Settings Manager "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "ShopperPro" = Shopper-Pro "SpeedUp Toolbar_is1" = SpeedUp Toolbar 2.009.008.001 "SupTab" = SupTab "SWAT 4 Collection_is1" = SWAT 4 Collection "TeamSpeak 3 Client" = TeamSpeak 3 Client "TeamViewer 9" = TeamViewer 9 "Trusted Software Assistant_is1" = File Type Assistant "UltraISO_is1" = UltraISO Premium V9.35 "Video Player" = Video Player "WARM UP !" = WARM UP ! "Webexp Enhanced" = Webexp Enhanced "WinRAR archiver" = WinRAR 4.20 (32-bit) "Xfire" = Xfire (remove only) "YTDownloader" = YTDownloader [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Balmora.pl 2.1.0" = Balmora.pl "Bonanza" = Update_for_BonanzaDeals "Combat Arms Packages" = Combat Arms Packages "GameRanger" = GameRanger "MegaMonsterFun" = MegaMonsterFun "Might and Magic Heroes VI Packages" = Might and Magic Heroes VI Packages "Minecraft Packages" = Minecraft Packages "OpenFM" = OpenFM "Power Loader" = Power Challenge Game Plugin "Qtrax Connection Manager" = Qtrax Connection Manager "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2014-08-16 17:56:06 | Computer Name = ADMIN | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 31.0.0.5310, moduł powodujący błąd mozalloc.dll, wersja 31.0.0.5310, adres błędu 0x0000141b. Error - 2014-08-17 08:42:04 | Computer Name = ADMIN | Source = HiRezSoftwareManagerSvc | ID = 0 Description = Service cannot be started. Proces usługi nie mógł połączyć się z kontrolerem usługi Error - 2014-08-17 09:20:37 | Computer Name = ADMIN | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd plugin-container.exe, wersja 31.0.0.5310, moduł powodujący błąd mozalloc.dll, wersja 31.0.0.5310, adres błędu 0x0000141b. Error - 2014-08-18 09:51:35 | Computer Name = ADMIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 hirezlauncherui.exe, P2 3.8.7.5, P3 53c92ba1, P4 hirezlauncherui, P5 3.8.7.5, P6 53c92ba1, P7 e, P8 3c, P9 system.io.filenotfoundexception, P10 NIL. Error - 2014-08-18 09:51:41 | Computer Name = ADMIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 hirezlauncherui.exe, P2 3.8.7.5, P3 53c92ba1, P4 hirezlauncherui, P5 3.8.7.5, P6 53c92ba1, P7 e, P8 3c, P9 system.io.filenotfoundexception, P10 NIL. Error - 2014-08-18 09:51:49 | Computer Name = ADMIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 hirezlauncherui.exe, P2 3.8.7.5, P3 53c92ba1, P4 hirezlauncherui, P5 3.8.7.5, P6 53c92ba1, P7 e, P8 3c, P9 system.io.filenotfoundexception, P10 NIL. Error - 2014-08-18 09:52:04 | Computer Name = ADMIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 hirezgamesdiagandsupport.exe, P2 1.0.0.0, P3 53c963c1, P4 hirezgamesdiagandsupport, P5 1.0.0.0, P6 53c963c1, P7 78, P8 e, P9 system.io.filenotfoundexception, P10 NIL. Error - 2014-08-18 09:52:19 | Computer Name = ADMIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 hirezlauncherui.exe, P2 3.8.7.5, P3 53c92ba1, P4 hirezlauncherui, P5 3.8.7.5, P6 53c92ba1, P7 e, P8 3c, P9 system.io.filenotfoundexception, P10 NIL. Error - 2014-08-18 09:52:27 | Computer Name = ADMIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 hirezlauncherui.exe, P2 3.8.7.5, P3 53c92ba1, P4 hirezlauncherui, P5 3.8.7.5, P6 53c92ba1, P7 e, P8 3c, P9 system.io.filenotfoundexception, P10 NIL. Error - 2014-08-18 09:52:30 | Computer Name = ADMIN | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 hirezlauncherui.exe, P2 3.8.7.5, P3 53c92ba1, P4 hirezlauncherui, P5 3.8.7.5, P6 53c92ba1, P7 e, P8 3c, P9 system.io.filenotfoundexception, P10 NIL. [ System Events ] Error - 2014-08-20 14:15:36 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Datamngr Coordinator z powodu następującego błędu: %%1053 Error - 2014-08-20 14:15:37 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą Datamngr Coordinator. Error - 2014-08-20 14:15:37 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Datamngr Coordinator z powodu następującego błędu: %%1053 Error - 2014-08-20 14:15:38 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą Datamngr Coordinator. Error - 2014-08-20 14:15:38 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Datamngr Coordinator z powodu następującego błędu: %%1053 Error - 2014-08-20 14:15:39 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7009 Description = Limit czasu (30000 milisekund) podczas oczekiwania na połączenie się z usługą Datamngr Coordinator. Error - 2014-08-20 14:15:39 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Datamngr Coordinator z powodu następującego błędu: %%1053 Error - 2014-08-20 14:16:21 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7034 Description = Usługa Suite Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2014-08-20 14:16:24 | Computer Name = ADMIN | Source = Service Control Manager | ID = 7034 Description = Usługa StarWind AE Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2014-08-20 14:40:03 | Computer Name = ADMIN | Source = W32Time | ID = 39452701 Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas z jednego lub kilku źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne. Przez 14 min nie nastąpi próba kontaktu ze źródłem. NtpClient nie ma źródła dokładnego czasu. < End of report > [/spoiler] To wszystko. Tylko sie nie przestrasz bo tu nie było antivirusa i był zaniedbywany.
r102 komentarz 22 sierpnia 2014 komentarz 22 sierpnia 2014 Witam. Mam wiele problemów z Windowsem XP. Otóz komputer jest dość zaniedbany przez ściąganie niepotrzebnych programów i brak antywirusa na komputerze. Opiszę problemy mam nadzieje że pomożecie. 1,2,3,4... Proponuję jednak - wiem że to rozwiązanie nieeleganckie - reinstalację systemu :E Oczywiście po zabezpieczeniu /kopia/ wszelakich cennych i sentymentalnych plików /zdjęcia, filmy, dokumenty/...
Vertivadro komentarz 22 sierpnia 2014 Autor komentarz 22 sierpnia 2014 Proponowałem formata sąsiadowi ale nie chciał a co to jest ta reinstalacja systemu ?? My nie mamy płyty z Windowsem :c
pawel315 komentarz 22 sierpnia 2014 komentarz 22 sierpnia 2014 Ok, to umówimy się tak: najpierw zajmiemy się brontokiem w trybie awaryjnym a potem resztą w trybie normalnym. A jest co usuwać :D Uruchom [b][color=green]OTL[/color][/b] i w oknie [b]"Własne opcje skanowania/skrypt"[/b] wklej: :OTL DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\ADMIN\USTAWI~1\Temp\5689.sys -- (5689) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [7F6BDE] C:\WINDOWS\system32\DA2999\7F6BDE.EXE () O4 - HKLM..\Run: [Bron-Spizaetus] C:\WINDOWS\ShellNew\sempalong.exe () O4 - HKLM..\Run: [fst_pl_110] File not found O4 - HKLM..\Run: [fst_pl_111] C:\Program Files\fst_pl_111\fst_pl_111.exe () O4 - HKLM..\Run: [tuto4pc_pl_17] File not found O4 - HKLM..\Run: [tuto4pc_pl_31] File not found O4 - HKLM..\Run: [tuto4pc_pl_32] File not found O4 - HKLM..\Run: [upfst_pl_111.exe] C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\fst_pl_111\upfst_pl_111.exe () O4 - HKCU..\Run: [Tok-Cirrhatus] C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\smss.exe () O4 - HKCU..\Run: [wsctf.exe] wsctf.exe File not found O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\7F6BDE.lnk = C:\WINDOWS\system32\DA2999\7F6BDE.EXE () O4 - Startup: C:\Documents and Settings\ADMIN\Menu Start\Programy\Autostart\Empty.pif () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O20 - HKLM Winlogon: Shell - ("C:\WINDOWS\eksplorasi.exe") - C:\WINDOWS\eksplorasi.exe () O20 - HKLM Winlogon: UserInit - (EXPLORER.EXE) - C:\WINDOWS\System32\EXPLORER.EXE (Microsoft Corporation) O33 - MountPoints2\{08e31b24-38df-11e2-9977-1c6f65576f76}\Shell\AutoRun\command - "" = G:\AutoRun.exe /s O33 - MountPoints2\{5c3b4230-1743-11e0-9115-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{5c3b4230-1743-11e0-9115-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{9746d3f2-b64e-11e1-9733-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{9746d3f2-b64e-11e1-9733-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{aa7ceb04-a7cd-11e0-932f-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{aa7ceb04-a7cd-11e0-932f-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{abc2695e-2955-11e0-9153-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{abc2695e-2955-11e0-9153-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{b6bf800e-a5a0-11e0-9325-0060b3088327}\Shell\AutoRun\command - "" = H:\eyruu.exe O33 - MountPoints2\{b6bf800e-a5a0-11e0-9325-0060b3088327}\Shell\open\Command - "" = H:\eyruu.exe O33 - MountPoints2\{b7f66834-0938-11e0-90d7-0060b3088327}\Shell\AutoRun\command - "" = H:\eyruu.exe O33 - MountPoints2\{b7f66834-0938-11e0-90d7-0060b3088327}\Shell\open\Command - "" = H:\eyruu.exe O33 - MountPoints2\{b7f66835-0938-11e0-90d7-0060b3088327}\Shell\AutoRun\command - "" = I:\eyruu.exe O33 - MountPoints2\{b7f66835-0938-11e0-90d7-0060b3088327}\Shell\open\Command - "" = I:\eyruu.exe O33 - MountPoints2\{b7f6687d-0938-11e0-90d7-0060b3088327}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{b7f6687d-0938-11e0-90d7-0060b3088327}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{dc77dbf6-e006-11e1-9814-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{dc77dbf6-e006-11e1-9814-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{e70a9ec4-fcb7-11e0-9403-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{e70a9ec4-fcb7-11e0-9403-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{f0add81e-b4d7-11e1-972e-1c6f65576f76}\Shell\AutoRun\command - "" = G:\eyruu.exe O33 - MountPoints2\{f0add81e-b4d7-11e1-972e-1c6f65576f76}\Shell\open\Command - "" = G:\eyruu.exe O33 - MountPoints2\{fe5a9026-52d9-11e0-91f6-0060b3088327}\Shell\AutoRun\command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{fe5a9026-52d9-11e0-91f6-0060b3088327}\Shell\explore\Command - "" = G:\EXPLORER.EXE O33 - MountPoints2\{fe5a9026-52d9-11e0-91f6-0060b3088327}\Shell\open\Command - "" = G:\ :Files C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\*.exe C:\WINDOWS\System32\EXPLORER.EXE :Reg [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="Explorer.exe" "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," :Commands [emptytemp] Kliknij [b]"Wykonaj skrypt"[/b], wyraź zgodę na restart systemu. Podaj zawartość pliku, który wyświetli się po restarcie. [b][color=orange]Następnie[/color][/b] [list] [*]Uruchom komputer w normalnym trybie.[/*] [*]Utwórz logi programem FRST i podaj je tutaj to dokończymy usuwanie[/*] [/list]
Vertivadro komentarz 22 sierpnia 2014 Autor komentarz 22 sierpnia 2014 (edytowane) zrobiłem tak jak kazałeś wkleiłem i wcisnąłem Wykonaj skrypt to bez żadnego zapytania o zgode zrestartował się komp włączył się w normalnym trybie i nic nie wyskoczyło nic się nie zmieniło tak samo musiałem wpisać "pulpit" w menedzerze żeby mi się włączyły ikony i wgl. Przy ściąganiu komp sie zrestartował
Zayfi komentarz 22 sierpnia 2014 komentarz 22 sierpnia 2014 Tak jest ponieważ skrypt podany jest niedokładny. W procesach widać fałszywy dubel explorer.exe PRC - [2006-10-25 11:32:36 | 000,036,864 | RHS- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\EXPLORER.EXE I wiele innych składników adware. Jeśli pawel315 tego nie skoryguje - ja to zrobię.
r102 komentarz 23 sierpnia 2014 komentarz 23 sierpnia 2014 Proponowałem formata sąsiadowi ale nie chciał a co to jest ta reinstalacja systemu ?? My nie mamy płyty z Windowsem :c :facepalm: :facepalm: :facepalm: :facepalm:
Vertivadro komentarz 23 sierpnia 2014 Autor komentarz 23 sierpnia 2014 (edytowane) To mógłby mi ktoś skorygować ten skrypt.
pawel315 komentarz 23 sierpnia 2014 komentarz 23 sierpnia 2014 (edytowane) :Files C:\Documents and Settings\ADMIN\Ustawienia lokalne\Dane aplikacji\*.exe C:\WINDOWS\System32\EXPLORER.EXE Jak niedokładny ? usuwam przecież fałszywy dubel explorer.exe A składniki adware miałem czyścić w normalnym trybie @Autorze Wykonaj log w trybie awaryjnym programem FRST
Vertivadro komentarz 23 sierpnia 2014 Autor komentarz 23 sierpnia 2014 jutro moze bo go cały dzień nie było. Jak coś zedytuje post
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.