::snoopy:: Opublikowano 3 Listopada 2012 Zgłoś Opublikowano 3 Listopada 2012 Od jakichś 3 dni Nod32 notorycznie blokuje mi te same 2 adresy, komunikat w styku jak na załączonym obrazku. Załączam logi z OTL. Dodam, że Malwarebytes nic nie wykrywa. OTL logfile created on: 2012-11-03 16:32:20 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = G:\Programy Instalki\Bezpieczenstwo 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 5,99 Gb Available Physical Memory | 74,99% Memory free 8,98 Gb Paging File | 6,77 Gb Available in Paging File | 75,35% Paging File free Paging file location(s): c:\pagefile.sys 1024 1024 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 80,00 Gb Total Space | 35,52 Gb Free Space | 44,41% Space Free | Partition Type: NTFS Drive E: | 250,00 Gb Total Space | 97,25 Gb Free Space | 38,90% Space Free | Partition Type: NTFS Drive F: | 300,00 Gb Total Space | 208,99 Gb Free Space | 69,66% Space Free | Partition Type: NTFS Drive G: | 301,41 Gb Total Space | 32,98 Gb Free Space | 10,94% Space Free | Partition Type: NTFS Computer Name: USER-KOMPUTER | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-11-03 16:29:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\Programy Instalki\Bezpieczenstwo\OTL_3269.exe PRC - [2012-10-27 12:42:56 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-10-09 10:15:30 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe PRC - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-10-17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011-10-17 15:12:48 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2011-08-18 10:23:51 | 000,072,704 | ---- | M] (Autodesk) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe PRC - [2011-07-11 22:48:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe PRC - [2011-07-04 18:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe PRC - [2011-01-12 15:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2009-09-09 06:50:00 | 003,514,112 | ---- | M] (Ghisler Software GmbH) -- E:\SoftFiles\totalcmd\TOTALCMD.EXE PRC - [2006-09-29 11:48:06 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe ========== Modules (No Company Name) ========== MOD - [2012-11-03 16:00:44 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\winampa.lng MOD - [2012-11-03 16:00:43 | 000,323,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\winamp.lng MOD - [2012-11-03 16:00:43 | 000,161,792 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\vis_milk2.lng MOD - [2012-11-03 16:00:43 | 000,087,552 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\vis_avs.lng MOD - [2012-11-03 16:00:43 | 000,066,560 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\burnlib.lng MOD - [2012-11-03 16:00:43 | 000,054,272 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_local.lng MOD - [2012-11-03 16:00:43 | 000,047,616 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_disc.lng MOD - [2012-11-03 16:00:43 | 000,046,592 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_pmp.lng MOD - [2012-11-03 16:00:43 | 000,041,984 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\pmp_wifi.lng MOD - [2012-11-03 16:00:43 | 000,040,448 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\gen_jumpex.lng MOD - [2012-11-03 16:00:43 | 000,036,864 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ombrowser.lng MOD - [2012-11-03 16:00:43 | 000,022,528 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_mp3.lng MOD - [2012-11-03 16:00:43 | 000,022,016 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\gen_ff.lng MOD - [2012-11-03 16:00:43 | 000,021,504 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\gen_ml.lng MOD - [2012-11-03 16:00:43 | 000,020,992 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_midi.lng MOD - [2012-11-03 16:00:43 | 000,018,432 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_mod.lng MOD - [2012-11-03 16:00:43 | 000,016,896 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\out_ds.lng MOD - [2012-11-03 16:00:43 | 000,014,848 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_wm.lng MOD - [2012-11-03 16:00:43 | 000,014,336 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_wire.lng MOD - [2012-11-03 16:00:43 | 000,014,336 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_online.lng MOD - [2012-11-03 16:00:43 | 000,013,312 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_playlists.lng MOD - [2012-11-03 16:00:43 | 000,013,312 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_cdda.lng MOD - [2012-11-03 16:00:43 | 000,012,800 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_plg.lng MOD - [2012-11-03 16:00:43 | 000,012,800 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\dsp_sps.lng MOD - [2012-11-03 16:00:43 | 000,011,264 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_vorbis.lng MOD - [2012-11-03 16:00:43 | 000,011,264 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_nsv.lng MOD - [2012-11-03 16:00:43 | 000,011,264 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\gen_hotkeys.lng MOD - [2012-11-03 16:00:43 | 000,011,264 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\auth.lng MOD - [2012-11-03 16:00:43 | 000,010,752 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\pmp_usb.lng MOD - [2012-11-03 16:00:43 | 000,010,752 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\pmp_android.lng MOD - [2012-11-03 16:00:43 | 000,009,216 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_downloads.lng MOD - [2012-11-03 16:00:43 | 000,008,704 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_history.lng MOD - [2012-11-03 16:00:43 | 000,008,192 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_transcode.lng MOD - [2012-11-03 16:00:43 | 000,008,192 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_devices.lng MOD - [2012-11-03 16:00:43 | 000,007,680 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\vis_nsfs.lng MOD - [2012-11-03 16:00:43 | 000,007,680 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\gen_tray.lng MOD - [2012-11-03 16:00:43 | 000,007,168 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\out_wave.lng MOD - [2012-11-03 16:00:43 | 000,007,168 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_autotag.lng MOD - [2012-11-03 16:00:43 | 000,007,168 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_dshow.lng MOD - [2012-11-03 16:00:43 | 000,007,168 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\gen_orgler.lng MOD - [2012-11-03 16:00:43 | 000,007,168 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\gen_crasher.lng MOD - [2012-11-03 16:00:43 | 000,006,656 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\pmp_ipod.lng MOD - [2012-11-03 16:00:43 | 000,006,656 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\enc_fhgaac.lng MOD - [2012-11-03 16:00:43 | 000,006,144 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\tagz.lng MOD - [2012-11-03 16:00:43 | 000,006,144 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\out_disk.lng MOD - [2012-11-03 16:00:43 | 000,006,144 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_flac.lng MOD - [2012-11-03 16:00:43 | 000,006,144 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\enc_wma.lng MOD - [2012-11-03 16:00:43 | 000,005,632 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_rg.lng MOD - [2012-11-03 16:00:43 | 000,005,632 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_wave.lng MOD - [2012-11-03 16:00:43 | 000,005,632 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\enc_lame.lng MOD - [2012-11-03 16:00:43 | 000,005,120 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_impex.lng MOD - [2012-11-03 16:00:43 | 000,005,120 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_bookmarks.lng MOD - [2012-11-03 16:00:43 | 000,005,120 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_avi.lng MOD - [2012-11-03 16:00:43 | 000,004,608 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\pmp_activesync.lng MOD - [2012-11-03 16:00:43 | 000,004,608 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_mp4.lng MOD - [2012-11-03 16:00:43 | 000,004,608 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_mkv.lng MOD - [2012-11-03 16:00:43 | 000,004,096 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\pmp_p4s.lng MOD - [2012-11-03 16:00:43 | 000,004,096 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_orb.lng MOD - [2012-11-03 16:00:43 | 000,004,096 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\enc_wav.lng MOD - [2012-11-03 16:00:43 | 000,004,096 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\enc_flac.lng MOD - [2012-11-03 16:00:43 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\pmp_njb.lng MOD - [2012-11-03 16:00:43 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_nowplaying.lng MOD - [2012-11-03 16:00:43 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\ml_addons.lng MOD - [2012-11-03 16:00:43 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_swf.lng MOD - [2012-11-03 16:00:43 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_linein.lng MOD - [2012-11-03 16:00:43 | 000,003,584 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\in_flv.lng MOD - [2012-11-03 16:00:43 | 000,003,072 | ---- | M] () -- C:\Users\user\AppData\Local\Temp\WLZBC4C.tmp\playlist.lng MOD - [2012-10-27 12:42:55 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-10-09 10:15:30 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2012-06-14 15:28:47 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0767c3bc7cd93daf38517843d29ce808\IAStorUtil.ni.dll MOD - [2012-06-14 11:32:15 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012-06-14 11:32:10 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012-05-09 20:43:30 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\9eed0fcdc582550a65536d1150b49574\IAStorCommon.ni.dll MOD - [2012-05-09 20:13:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012-05-09 20:13:23 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012-05-09 20:13:20 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012-05-09 20:13:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012-05-09 20:13:17 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012-05-09 20:13:14 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2011-08-28 11:04:53 | 001,737,728 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll MOD - [2011-08-28 11:04:53 | 000,623,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s MOD - [2011-08-28 11:04:53 | 000,410,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll MOD - [2011-08-28 11:04:53 | 000,313,344 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wm.dll MOD - [2011-08-28 11:04:53 | 000,312,832 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll MOD - [2011-08-28 11:04:53 | 000,285,696 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll MOD - [2011-08-28 11:04:53 | 000,253,440 | ---- | M] () -- C:\Program Files (x86)\Winamp\libsndfile.dll MOD - [2011-08-28 11:04:53 | 000,252,416 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll MOD - [2011-08-28 11:04:53 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll MOD - [2011-08-28 11:04:53 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll MOD - [2011-08-28 11:04:53 | 000,183,808 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll MOD - [2011-08-28 11:04:53 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mod.dll MOD - [2011-08-28 11:04:53 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s MOD - [2011-08-28 11:04:53 | 000,109,568 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_midi.dll MOD - [2011-08-28 11:04:53 | 000,103,936 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s MOD - [2011-08-28 11:04:53 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll MOD - [2011-08-28 11:04:53 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s MOD - [2011-08-28 11:04:53 | 000,084,480 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s MOD - [2011-08-28 11:04:53 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll MOD - [2011-08-28 11:04:53 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\Winamp\nde.dll MOD - [2011-08-28 11:04:53 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll MOD - [2011-08-28 11:04:53 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll MOD - [2011-08-28 11:04:53 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_avi.dll MOD - [2011-08-28 11:04:53 | 000,060,928 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flac.dll MOD - [2011-08-28 11:04:53 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll MOD - [2011-08-28 11:04:53 | 000,050,688 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll MOD - [2011-08-28 11:04:53 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll MOD - [2011-08-28 11:04:53 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll MOD - [2011-08-28 11:04:53 | 000,044,544 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\devices.w5s MOD - [2011-08-28 11:04:53 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_flv.dll MOD - [2011-08-28 11:04:53 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\timer.w5s MOD - [2011-08-28 11:04:53 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll MOD - [2011-08-28 11:04:53 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll MOD - [2011-08-28 11:04:53 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_swf.dll MOD - [2011-08-28 11:04:53 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\albumart.w5s MOD - [2011-08-28 11:04:53 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_disk.dll MOD - [2011-08-28 11:04:53 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s MOD - [2011-08-28 11:04:53 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s MOD - [2011-08-28 11:04:53 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s MOD - [2011-08-28 11:04:53 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_wave.dll MOD - [2011-08-28 11:04:53 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_wave.dll MOD - [2011-08-28 11:04:53 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s MOD - [2011-08-28 11:04:53 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gracenote.w5s MOD - [2011-08-28 11:04:53 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\filereader.w5s MOD - [2011-08-28 11:04:53 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\primo.w5s MOD - [2011-07-04 18:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 18:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 18:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 18:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 18:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll MOD - [2011-04-16 04:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-04-12 14:21:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2011-02-17 10:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 10:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 10:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 10:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 10:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 10:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 09:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 09:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 09:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 09:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 09:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 09:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll ========== Services (SafeList) ========== SRV:64bit: - [2011-12-06 04:11:56 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011-01-12 15:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV:64bit: - [2011-01-12 15:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012-10-27 12:42:56 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-10-09 10:15:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-07-27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012-06-07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-12-09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2011-10-17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011-08-18 10:23:51 | 000,072,704 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2011-03-16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-08-10 20:37:08 | 000,334,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe -- (UsbService) SRV - [2010-03-18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-07-27 10:13:28 | 000,061,440 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\ASDR.exe -- (ASDR) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-02-26 17:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2006-09-29 11:48:06 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012-09-29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012-04-12 23:12:45 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt58.sys -- (vidsflt58) DRV:64bit: - [2012-04-12 23:12:41 | 000,132,704 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv) DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012-02-18 18:36:00 | 000,084,736 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:64bit: - [2012-02-18 18:36:00 | 000,059,520 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:64bit: - [2012-02-07 14:09:00 | 000,030,592 | ---- | M] (REALiX™) [Kernel | System | Running] -- C:\Program Files\HWiNFO64\HWiNFO64A.SYS -- (HWiNFO32) DRV:64bit: - [2011-12-17 20:56:36 | 000,230,864 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt) DRV:64bit: - [2011-12-06 04:45:40 | 010,720,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011-12-06 03:12:14 | 000,327,168 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011-11-29 18:11:31 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011-10-17 18:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011-10-17 14:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011-09-11 11:00:50 | 000,016,384 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EIO64.sys -- (EIO64) DRV:64bit: - [2011-04-04 13:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp) DRV:64bit: - [2011-03-31 13:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem) DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010-12-21 14:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2010-12-21 14:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2010-12-21 12:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:64bit: - [2010-12-21 06:55:02 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm) DRV:64bit: - [2010-12-21 06:55:02 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus) DRV:64bit: - [2010-12-21 06:55:02 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl) DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010-11-09 14:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:64bit: - [2010-10-19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010-09-07 07:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60) DRV:64bit: - [2010-06-23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010-06-11 13:37:14 | 000,015,368 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger) DRV:64bit: - [2010-04-01 13:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet) DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-07-14 01:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009-05-08 10:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev) DRV:64bit: - [2009-01-29 16:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl) DRV:64bit: - [2009-01-29 16:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService) DRV:64bit: - [2008-01-19 05:36:12 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irsir.sys -- (irsir) DRV:64bit: - [2007-12-17 03:25:14 | 000,047,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vuhub.sys -- (vuhub) DRV:64bit: - [2007-11-02 13:52:00 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService) DRV - [2010-09-07 07:27:24 | 000,038,912 | R--- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...1-876D7DF815B5} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gazeta.hit.ge..._campaign=p_124 IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://uk.search.yah...icevm&type=ASRK IE - HKCU\..\SearchScopes\{533C4CC9-8012-47d6-BCF7-510A8812A6B4}: "URL" = http://www.google.co...q={searchTerms} IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpr...q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledAddons: status4evar@caligonstudios.com:2012.07.08.17 FF - prefs.js..extensions.enabledAddons: youtube2mp3@mondayx.de:1.2.3 FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-02-07 19:37:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-10-27 12:42:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-10-27 12:42:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012-06-24 20:00:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-08-14 10:01:22 | 000,000,000 | ---D | M] [2011-08-13 22:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions [2012-10-23 09:14:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\lidjkqnx.default\extensions [2012-08-27 09:51:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\lidjkqnx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011-08-18 09:38:22 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\lidjkqnx.default\extensions\IplextoALL@ALLPlayer.org.xpi [2012-07-09 17:07:11 | 000,163,080 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\lidjkqnx.default\extensions\status4evar@caligonstudios.com.xpi [2012-02-07 19:59:23 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\lidjkqnx.default\extensions\youtube2mp3@mondayx.de.xpi [2012-10-07 10:21:29 | 000,199,400 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\lidjkqnx.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012-07-25 15:02:29 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\lidjkqnx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-10-09 13:23:02 | 000,002,370 | ---- | M] () -- C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\lidjkqnx.default\searchplugins\search.xml [2012-10-27 12:42:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012-10-27 12:42:50 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-10-27 12:42:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-10-27 12:42:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-10-27 12:42:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-27 12:42:56 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-06-18 13:02:49 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-18 13:02:49 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-18 13:02:49 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-18 13:02:49 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-18 13:02:49 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-18 13:02:49 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-03-25 09:11:50 | 000,001,418 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 preactivate.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 192.150.18.108 O1 - Hosts: 127.0.0.1 activate.adobe.com:443 O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (YouTube To ALLPlayer) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\PROGRA~2\ALLPLA~1\YOUTUB~1.DLL (ALLPlayer.org) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [ASRockXTU] File not found O4 - HKCU..\Run: [zASRockInstantBoot] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Ściągaj z Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Ściągaj z Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5D057C7-AA72-4AFA-AC93-E8AB6CE9F63A}: DhcpNameServer = 94.72.64.10 94.72.64.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F306E8E3-0D3A-4380-9886-2D4FD654044D}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ipp - No CLSID value found O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012-11-01 19:59:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012-11-01 19:59:12 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012-11-01 19:59:11 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012-11-01 19:59:11 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012-11-01 19:59:11 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012-11-01 19:59:11 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012-11-01 19:59:09 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2012-11-01 19:59:09 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2012-11-01 19:59:09 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2012-11-01 19:59:08 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2012-11-01 19:59:08 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2012-11-01 19:59:08 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll [2012-11-01 19:59:07 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2012-11-01 19:59:07 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2012-11-01 19:59:07 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012-11-01 19:59:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012-11-01 19:59:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012-11-01 19:59:07 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012-11-01 19:59:07 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll [2012-11-01 19:59:07 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012-11-01 19:59:07 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012-11-01 19:59:05 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2012-11-01 19:59:05 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2012-11-01 19:59:05 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2012-11-01 19:59:05 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2012-11-01 19:59:05 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll [2012-11-01 19:59:04 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012-11-01 19:59:03 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2012-11-01 19:59:03 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012-11-01 19:59:00 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012-11-01 19:58:58 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2012-11-01 19:58:58 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2012-10-27 12:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012-10-26 12:17:32 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Nowy folder [2012-10-22 09:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symulator Jazdy 2 [2012-10-21 16:34:21 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\EPOX_4PDA2_Intel_848_865_875 [2012-10-19 15:36:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012-10-13 14:30:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012-10-13 14:30:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012-10-13 14:20:40 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Remedy [2012-10-10 12:08:10 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012-10-10 12:08:10 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012-10-10 12:08:10 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012-10-10 12:08:10 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012-10-10 12:08:10 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012-10-10 12:08:10 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012-10-10 12:08:10 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012-10-10 12:08:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012-10-10 12:08:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012-10-10 12:08:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012-10-10 12:08:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012-10-10 12:08:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012-10-10 12:08:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012-10-10 12:08:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012-10-10 12:08:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012-10-10 12:08:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012-10-10 12:08:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012-10-10 12:08:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012-10-10 12:08:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012-10-10 12:08:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012-10-10 12:08:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012-10-10 12:08:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012-10-10 12:08:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012-10-10 12:08:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012-10-10 12:08:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012-10-10 12:08:03 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-10-10 12:08:02 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-10-10 12:08:02 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-10-10 12:08:01 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012-10-10 12:07:27 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012-10-10 12:07:26 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012-10-07 09:50:48 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Any Video Converter [2012-10-07 09:50:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\AnvSoft [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-11-03 16:15:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-11-03 15:47:47 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-11-03 15:47:47 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-11-03 15:47:29 | 001,558,776 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-11-03 15:47:29 | 000,701,282 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-11-03 15:47:29 | 000,618,974 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-11-03 15:47:29 | 000,136,300 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-11-03 15:47:29 | 000,107,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-11-03 15:40:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-11-02 17:43:29 | 000,001,496 | ---- | M] () -- C:\Users\user\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2012-10-22 09:22:05 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2012-10-22 09:22:05 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2012-10-22 09:22:05 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2012-10-22 09:22:05 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2012-10-22 09:21:59 | 000,000,777 | ---- | M] () -- C:\Users\user\Desktop\Symulator Jazdy 2.lnk [2012-10-17 12:01:04 | 004,973,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-10-09 10:15:30 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012-10-09 10:15:30 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-10-09 09:53:55 | 000,000,132 | ---- | M] () -- C:\Users\user\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP [6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012-11-01 19:59:07 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2012-10-22 09:21:59 | 000,000,777 | ---- | C] () -- C:\Users\user\Desktop\Symulator Jazdy 2.lnk [2012-09-20 19:54:51 | 000,000,132 | ---- | C] () -- C:\Users\user\AppData\Roaming\Preferencje Adobe CS5 dla formatu BMP [2012-09-02 12:36:18 | 001,575,706 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012-05-03 09:43:49 | 000,000,020 | ---- | C] () -- C:\Program Files (x86)\shutdown.bat [2012-04-22 14:56:25 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012-04-21 08:28:10 | 000,000,138 | ---- | C] () -- C:\Windows\Contagion.2011.PL.BRRip.XviD-NiNa.ini [2012-04-14 13:56:05 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2012-04-09 21:06:58 | 000,001,496 | ---- | C] () -- C:\Users\user\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs [2012-03-12 10:53:10 | 000,007,680 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-03-03 20:10:35 | 000,000,000 | ---- | C] () -- C:\Windows\ATTOBench32_2.47.INI [2012-02-04 09:51:29 | 000,000,191 | ---- | C] () -- C:\Windows\ATTO_Bench32_2.47.INI [2012-01-06 00:49:06 | 000,000,661 | ---- | C] () -- C:\Windows\unins000.dat [2011-12-05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011-12-05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011-11-10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2011-11-10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011-09-13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011-08-19 08:54:24 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI [2011-08-18 09:37:35 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011-08-18 09:37:34 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-08-18 09:37:32 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011-08-18 09:37:32 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-08-16 18:26:23 | 000,001,065 | ---- | C] () -- C:\Windows\winamp.ini [2011-08-16 15:33:00 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011-08-16 15:33:00 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2011-08-15 14:00:10 | 000,007,593 | ---- | C] () -- C:\Users\user\AppData\Local\Resmon.ResmonCfg [2011-08-13 21:04:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-03-02 06:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-03-02 06:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011-03-02 06:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011-03-02 06:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011-03-02 06:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll ========== ZeroAccess Check ========== [2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:C8B8CEBD @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86 < End of report > Extras OTL Extras logfile created on: 2012-11-03 16:32:20 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = G:\Programy Instalki\Bezpieczenstwo 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 5,99 Gb Available Physical Memory | 74,99% Memory free 8,98 Gb Paging File | 6,77 Gb Available in Paging File | 75,35% Paging File free Paging file location(s): c:\pagefile.sys 1024 1024 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 80,00 Gb Total Space | 35,52 Gb Free Space | 44,41% Space Free | Partition Type: NTFS Drive E: | 250,00 Gb Total Space | 97,25 Gb Free Space | 38,90% Space Free | Partition Type: NTFS Drive F: | 300,00 Gb Total Space | 208,99 Gb Free Space | 69,66% Space Free | Partition Type: NTFS Drive G: | 301,41 Gb Total Space | 32,98 Gb Free Space | 10,94% Space Free | Partition Type: NTFS Computer Name: USER-KOMPUTER | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office 2007\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02240E32-61E1-4764-A720-500C3577AFE3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office 2007\office12\outlook.exe | "{430B4581-ABCD-478F-900A-BB4EDA0C771A}" = lport=445 | protocol=6 | dir=in | app=system | "{8CF31829-9357-41D3-B391-3C8A417F6D2D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{93D3646A-D47D-474A-AABB-4E8658A49259}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A38A2163-B141-4F95-AFFE-B96908A8D014}" = rport=445 | protocol=6 | dir=out | app=system | "{A6F504D5-F424-4DF5-AFE6-3319B1E4DD99}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A8F199C0-486B-4F4E-919D-220F0A305003}" = lport=138 | protocol=17 | dir=in | app=system | "{B010BC0C-4AF8-4BF4-816C-9C46DE619E1C}" = rport=139 | protocol=6 | dir=out | app=system | "{CC40396B-04BC-44A2-9CDA-8D8C86A2D454}" = lport=139 | protocol=6 | dir=in | app=system | "{E3BACEE6-40DB-4F50-9843-221A16B53822}" = lport=137 | protocol=17 | dir=in | app=system | "{E87237FD-E3A4-4EAF-9A99-F0FCBD0135E7}" = rport=137 | protocol=17 | dir=out | app=system | "{F197A5F0-4973-4853-B87B-23AE4BE7943E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F51D7FD4-C172-4BAE-B953-CA130BD68DF7}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01BA004F-97EF-42D6-A6C1-9FD14C19833D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0B02EA24-1298-4EB2-87CF-FDB4220629FF}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe | "{140F4E84-A94E-4A8F-A640-F733C84C732A}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{16631904-C987-43FD-BF9F-2F10B99537AA}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 9\3dsmax.exe | "{16E2344A-23DB-4FED-B73E-7AE2D0A8D34C}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\qiswizard.exe | "{1AB736B6-3B05-481E-BBAF-09EFB86FACF7}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\qiswizard.exe | "{2D223143-5850-4489-ADC9-B81FC11E671D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2DE2AE2C-BDC6-4BB3-AEB1-F15F4411C721}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{2DE2D9E1-B39B-4643-89AF-A1A5DE6544B1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office 2007\office12\onenote.exe | "{352DB731-6105-4A26-B3FA-F9B85BF5C5CD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{359AF8B9-B63A-4A35-87EE-642E02AB0D11}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe | "{3E7BABB4-6136-4797-BEC2-3DE514DB3A46}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4066E9BE-EA5C-4829-931E-D76558C3BAB9}" = protocol=6 | dir=in | app=e:\gry\rockstar games\eflc\launcheflc.exe | "{428EF980-6197-49B9-8181-3125340F2FF4}" = protocol=6 | dir=in | app=e:\gry\rockstar games\rockstar games social club\rgsclauncher.exe | "{494D6C92-9DEB-40C9-BE88-490C28D06D80}" = protocol=17 | dir=in | app=e:\gry\maxpayne3\maxpayne3.exe | "{50590C07-62AE-48AF-866D-E76B1366D5E5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{517303F5-27F2-4F3F-8559-5AE4FC5F633C}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\liveupdate.exe | "{551ED1CB-91D2-44C4-A1AF-2F1A59150BB7}" = protocol=6 | dir=in | app=f:\steam\steam.exe | "{5BC17C3A-90B1-4EFD-B6D3-54E066DE0333}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\rescue.exe | "{5D24B373-6D67-4CF2-B353-EEDA27A5FDA6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office 2007\office12\groove.exe | "{5DFDBCD9-94A5-4338-B6EB-E58D188ACB72}" = protocol=17 | dir=in | app=e:\gry\maxpayne3\playmaxpayne3.exe | "{63BA7E8C-562E-4985-A17D-F4E04CA70490}" = protocol=6 | dir=in | app=e:\gry\dirt3\dirt3_game.exe | "{6473B533-7472-4A34-BA0B-C8DABEBE8A0C}" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe | "{68092A31-471E-4476-8A7A-654EB6F45F6D}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\printer utilities\usbservice64.exe | "{699F1A59-78A8-4345-B48C-91FA1B98B316}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe | "{6AB2092A-5153-467E-848F-D20CEDFE0495}" = protocol=6 | dir=in | app=e:\softfiles\totalcmd\totalcmd.exe | "{74697FE4-9A69-4BBC-94D7-8E2AF5591DA7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{7A2F97BC-DC17-4F24-A8F3-0D4711C5EF8A}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\temp\_tc0\printer\printer.exe | "{8871055E-AC3C-4D51-8C28-EAEB9ECA768B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office 2007\office12\onenote.exe | "{888001DC-D356-4246-BEB8-A22526C5915B}" = protocol=17 | dir=in | app=e:\gry\rockstar games\eflc\launcheflc.exe | "{8D061677-BB66-45CB-9F79-D8D8F815347A}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\printer utilities\usbservice64.exe | "{8F1D8748-0EAD-48FF-8A1C-567B18E51F4F}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\temp\_tc0\printer\printer.exe | "{931950EF-574B-425F-82AB-53C5917B8397}" = protocol=17 | dir=in | app=f:\steam\steam.exe | "{9D106F9C-90E1-4DCB-B52B-8E4526F23040}" = protocol=6 | dir=in | app=e:\gry\maxpayne3\playmaxpayne3.exe | "{A02FF062-1AFE-415E-9124-0141A9A215A3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A2236203-AEE7-4C76-8690-EA7357535A84}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\discovery.exe | "{A243545E-863F-4D4F-84EB-D8BAFF6FA624}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A243F8E5-D19C-4FB9-8510-6F82CA2F9382}" = protocol=6 | dir=in | app=d:\printer\printer.exe | "{A69F3947-14BC-41F8-B3F2-86B0A1BB3ABE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{A81F7328-073C-46B0-9C6D-CE151179F31F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{AA987CC9-9D35-4867-BAD2-380CF71905EC}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\rescue.exe | "{AF988D49-517E-4E60-A4E6-ECF52B01B862}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B0153CC2-7516-4EA9-A54F-11DE6BEC3E70}" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe | "{B3EE2255-AAC8-4D5C-85A7-03B0A02BA4C8}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\discovery.exe | "{B8277947-D354-4DA7-9CF6-E264743A463D}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe | "{B89D0A3E-85D0-4F6D-A5E1-F381C0077434}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C066BB8C-E6A2-41B9-90C1-A7CC0FC83778}" = protocol=17 | dir=in | app=e:\softfiles\totalcmd\totalcmd.exe | "{C1214B3E-79B2-46DE-8164-AE6441C7767E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office 2007\office12\groove.exe | "{C4734917-A5DE-451D-B021-8741BFAFB9DF}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe | "{C5779373-8A27-43F5-A6BD-B5390A8553B1}" = protocol=17 | dir=in | app=e:\gry\rockstar games\rockstar games social club\rgsclauncher.exe | "{CF0BA943-63D9-42F1-B135-8CAA299F56D5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{CFA435DE-64FF-4157-BC94-8AB00B336003}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{D27CD4E6-58B6-4545-8BF2-F74D8FE0D44E}" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe | "{D2C6F781-8062-4505-A5A7-A6F64944871E}" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\launchgtaiv.exe | "{E871804F-8F73-4AF6-B366-51570EFCB8E0}" = protocol=17 | dir=in | app=d:\printer\printer.exe | "{E9ABFE5E-03CF-4180-B3FB-56E99A141904}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{EB58F67C-FC74-461C-86C1-F4E13631DAB2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{EE5B3726-EFCB-4160-9087-84A46A36E119}" = protocol=17 | dir=in | app=e:\gry\dirt3\dirt3_game.exe | "{F0BDAAD6-0C6E-441C-A3C3-A5AEFC816971}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n10u wireless router utilities\liveupdate.exe | "{F0EB5606-A0E3-4965-894B-E4EDFCC9DB20}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe | "{F6E1E19C-6D72-476A-9DAD-9EE300336C8F}" = protocol=6 | dir=in | app=e:\gry\maxpayne3\maxpayne3.exe | "{FD8EC433-7D2D-4FC5-8F7B-46511214AAE1}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 9\3dsmax.exe | "TCP Query User{07F83C99-3BD1-4BB8-BA8A-31CE24C58743}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | "TCP Query User{3DFF439C-9991-4182-8524-D0691BE772D2}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{50936DD6-BD52-4A1B-ABB5-CD59C60D05C7}E:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{5CDA5FD2-35E8-446A-88DD-0A303A331F56}E:\softfiles\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=e:\softfiles\totalcmd\totalcmd.exe | "TCP Query User{6586B151-5520-4EA8-82E2-678B54EC7006}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{667AF9C4-4795-4C8C-B925-CA80C47AF432}E:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "TCP Query User{6B83BCC4-2690-4CF0-836C-467396873B16}E:\gry\maxpayne3\maxpayne3.exe" = protocol=6 | dir=in | app=e:\gry\maxpayne3\maxpayne3.exe | "TCP Query User{75D7A636-AE42-4AD2-80B0-8248019F6349}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "TCP Query User{8CF16112-0F65-4D1B-91A2-0614C577DFD1}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "TCP Query User{931A3BEE-324C-451E-BCB4-4FF8F863B270}E:\gry\rockstar games\eflc\eflc.exe" = protocol=6 | dir=in | app=e:\gry\rockstar games\eflc\eflc.exe | "TCP Query User{C4F4382D-54B3-493B-AF97-9F6081CFB450}E:\gry\gta4\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=e:\gry\gta4\grand theft auto iv\gtaiv.exe | "TCP Query User{D12DB588-5958-4883-986B-5C784592D054}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | "TCP Query User{EA0B96F0-88B4-4E53-A173-8AE8334EDB2F}E:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{06B1A057-7F54-4F77-ACBC-BAE1F0DE6AC4}E:\gry\maxpayne3\maxpayne3.exe" = protocol=17 | dir=in | app=e:\gry\maxpayne3\maxpayne3.exe | "UDP Query User{1527A5BD-EB77-44B4-9B3A-C0063F2944A4}E:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{23C587EB-9195-4AE2-A9DA-212E0AF576B7}E:\gry\gta4\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=e:\gry\gta4\grand theft auto iv\gtaiv.exe | "UDP Query User{5967C955-2ECE-416F-9112-72898BAB20BE}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | "UDP Query User{8B6347C1-9861-495B-9936-9BD58044B140}E:\softfiles\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=e:\softfiles\totalcmd\totalcmd.exe | "UDP Query User{9F9ABB7A-9520-4B3C-8573-CF6C4FAE6222}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{B09B30F3-14A7-4B8F-82B0-11CAD7805AC2}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | "UDP Query User{B1B158CF-6056-43E7-AC8A-5B79D4ABEBD1}E:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{CAA815CF-1862-4DA5-8B31-A7B970E70B2C}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "UDP Query User{E33699F9-106B-4F79-A36D-9E5500936F34}C:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu 10\gg.exe | "UDP Query User{ED548F6C-30C2-4CDB-A5CB-4A58EB4F1FA8}E:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=e:\gry\rockstar games\grand theft auto iv\gtaiv.exe | "UDP Query User{F1FF3606-6A19-4A74-9799-EF7D7E806C50}C:\program files (x86)\wapster\wapster aqq\aqq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wapster\wapster aqq\aqq.exe | "UDP Query User{FC984E9D-ECFC-4363-806B-78FA5CB955D0}E:\gry\rockstar games\eflc\eflc.exe" = protocol=17 | dir=in | app=e:\gry\rockstar games\eflc\eflc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers "{14297226-E0A0-3781-8911-E9D529552663}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{1CCF1727-A817-4FEE-A028-5466FB542934}" = Motorola Mobile Drivers Installation 5.2.0 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64) "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64 "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{ADED6869-D6D1-671E-9653-3782C21FA809}" = AMD Drag and Drop Transcoding "{B392B30E-40A5-8E20-7A98-833C66F84407}" = ATI AVIVO64 Codecs "{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D7647425-7A6F-4DC6-9F9A-71148AB424CD}" = ESET NOD32 Antivirus "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{EF393943-0CCE-9CD9-6181-96DF4E4428EF}" = AMD Media Foundation Decoders "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "ASRock App Charger_is1" = ASRock App Charger v1.0.4 "CPUID CPU-Z_is1" = CPUID CPU-Z 1.59 "HWiNFO64_is1" = HWiNFO64 Version 3.95 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "PhotomatixPro41x64_is1" = Photomatix Pro version 4.1.4 "Recuva" = Recuva "WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.44-5 (x64) "WinRAR archiver" = WinRAR 4.01 (64-bitowy) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian "{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86 "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish "{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English "{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3 "{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.1 "{23D51AF4-E674-4F4C-A937-F98E458A37AB}_is1" = Testy B 2011b "{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 37 "{273582E8-BF56-4E00-848D-1D859BFCAD70}_is1" = Serious Sam 3 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish "{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding "{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Backburner "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish "{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese "{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11 "{4769E972-2E92-49C5-B6F9-465EFD0C4D94}" = VirtualDJ PRO Full "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000028703}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000028704}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000028705}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000028706}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000028707}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038702}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038703}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038704}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{609891EF-E428-4A87-9B75-2F401FDFC02B}" = ASUS RT-N10U Wireless Router Utilities "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish "{660787DD-68B3-4E67-9073-4A66DD7AD193}" = ASUS VGA Driver "{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install "{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0 "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor "{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{884D5BD0-13F2-8744-BE54-43BC21DFA06A}" = HydraVision "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8C9DDCAA-91E1-4DAA-BC65-68BD80546B98}}_is1" = PIT-OPP 2011 "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.3 "{958E2B23-6146-4A21-9532-9F59049E9B35}" = Motorola Phone Tools "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy "{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{AE136F7F-7DC6-600F-9DF9-BFA0DF516135}" = Catalyst Control Center Localization All "{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools "{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean "{C2FB14FB-DF6B-287D-BDC3-C7BEC86F539E}" = Catalyst Control Center "{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian "{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller "{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch "{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai "{E96D4088-AAC5-437F-9E39-EC0E387897B4}" = Autodesk 3ds Max 9 32-bit "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools "{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian "{FBEA1DA0-5289-4B11-983C-3D9FA03E670F}" = RSDLite "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.85 "Alan Wake_is1" = Alan Wake "ALLPlayer_is1" = ALLPlayer V5.X "AQQ" = WapSter AQQ "ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.54 "ASRock InstantBoot_is1" = ASRock InstantBoot v1.26 "CanonMyPrinter" = Canon My Printer "CanonSolutionMenuEX" = Canon Solution Menu EX "CDex" = CDex - Open Source Digital Audio CD Extractor "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Cool Edit Pro 2.0" = Cool Edit Pro 2.0 "DAEMON Tools Lite" = DAEMON Tools Lite "Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "FBX Plugin 2006.08 for Max 9.0" = FBX Plugin 2006.08 for Max 9.0 "Foxit Reader_is1" = Foxit Reader 5.0 "Fraps" = Fraps (remove only) "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918 "Gadu-Gadu 10" = Gadu-Gadu 10 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "HD Tach_is1" = HD Tach version 3 "HD Tune Pro_is1" = HD Tune Pro 5.00 "HD Tune_is1" = HD Tune 2.55 "Icon Restore_is1" = Icon Restore 1.0 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor "InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller "IrfanView" = IrfanView (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 7.6.0 (Full) "Łatka polonizacyjna GTA IV: The Lost and Damned v1.1 oraz GTA IV: The Ballad of Gay Tony v1.0" = Łatka polonizacyjna GTA IV: The Lost and Damned v1.1 oraz GTA IV: The Ballad of Gay Tony v1.0 "Mafia II_is1" = Mafia II "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.65.1.1000 "MiPony" = MiPony 1.6.4 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 16.0.2 (x86 pl)" = Mozilla Firefox 16.0.2 (x86 pl) "Mozilla Thunderbird 16.0.1 (x86 pl)" = Mozilla Thunderbird 16.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 4.0" = Canon MP Navigator EX 4.0 "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 2151) "OCCT_is1" = OCCT Perestroika 3.1.0 "OpenAL" = OpenAL "PIT 2011 z Gazetą Wyborczą_is1" = PIT 2011 z Gazetą Wyborczą ver. 8.0.1.4 "Railworks 3 Train Simulator 2012 Deluxe_is1" = Railworks 3 Train Simulator 2012 Deluxe "rayatitray" = Ray Adams ATI Tray Tools "RealAlt_is1" = Real Alternative 2.0.2 "RealPlayer 15.0" = RealPlayer "Rejestracja użytkownika drukarki Canon MP280 series" = Rejestracja użytkownika drukarki Canon MP280 series "Rockstar Games Social Club" = Rockstar Games Social Club "Skrzyżowania_is1" = Skrzyżowania 1.0.0.17 "SpeedFan" = SpeedFan (remove only) "Totalcmd" = Total Commander (Remove or Repair) "TrueCrypt" = TrueCrypt "uTorrent" = µTorrent "Visible" = "Winamp" = Winamp "YouTube to ALLPlayer_is1" = YouTube to ALLPlayer "Znaki Drogowe_is1" = Znaki Drogowe ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2012-11-01 15:02:28 | Computer Name = user-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-02 10:17:58 | Computer Name = user-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-02 12:14:08 | Computer Name = user-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SUPER.exe, wersja: 2.0.12.53, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x678a9e84 Identyfikator procesu powodującego błąd: 0x15e8 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdb9151404f28a Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 54595e77-2508-11e2-a052-3c0080342443 Error - 2012-11-02 12:14:20 | Computer Name = user-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SUPER.exe, wersja: 2.0.12.53, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x678a9e84 Identyfikator procesu powodującego błąd: 0x16d4 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdb9151c994543 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 5b29da82-2508-11e2-a052-3c0080342443 Error - 2012-11-02 12:14:48 | Computer Name = user-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SUPER.exe, wersja: 2.0.12.53, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x678a9e84 Identyfikator procesu powodującego błąd: 0x1784 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdb9152d06ae46 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 6ba5c2ac-2508-11e2-a052-3c0080342443 Error - 2012-11-02 12:16:16 | Computer Name = user-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SUPER.exe, wersja: 2.0.12.53, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x678a9e84 Identyfikator procesu powodującego błąd: 0x1794 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdb91561ae2685 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: a045729e-2508-11e2-a052-3c0080342443 Error - 2012-11-02 12:17:49 | Computer Name = user-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SUPER.exe, wersja: 2.0.12.53, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x678a9e84 Identyfikator procesu powodującego błąd: 0x1624 Godzina uruchomienia aplikacji powodującej błąd: 0x01cdb91598e37f27 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: d780e5d7-2508-11e2-a052-3c0080342443 Error - 2012-11-02 12:18:37 | Computer Name = user-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: SUPER.exe, wersja: 2.0.12.53, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x678a9e84 Identyfikator procesu powodującego błąd: 0x102c Godzina uruchomienia aplikacji powodującej błąd: 0x01cdb915b611dd3a Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: f4ab9a5c-2508-11e2-a052-3c0080342443 Error - 2012-11-02 13:10:14 | Computer Name = user-Komputer | Source = WinMgmt | ID = 10 Description = Error - 2012-11-03 10:42:15 | Computer Name = user-Komputer | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 2012-11-01 15:15:35 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error - 2012-11-01 15:15:36 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error - 2012-11-01 15:21:00 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR3. Error - 2012-11-01 15:21:01 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR3. Error - 2012-11-01 15:21:02 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR3. Error - 2012-11-01 15:25:25 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR5. Error - 2012-11-01 15:25:26 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR5. Error - 2012-11-01 15:25:26 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR5. Error - 2012-11-02 12:49:06 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error - 2012-11-02 12:49:07 | Computer Name = user-Komputer | Source = Disk | ID = 262155 Description = Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. < End of report > OTL.Txt Extras.Txt Cytuj Udostępnij tę odpowiedź Odnośnik do odpowiedzi Udostępnij na innych stronach Więcej opcji udostępniania...
Kolobos Opublikowano 3 Listopada 2012 Zgłoś Opublikowano 3 Listopada 2012 Wykonaj skrypt w OTL: :OTL IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.bigseekpro.com/bsprpc/{B725B14B-2CA4-4373-B741-876D7DF815B5} IE - HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://gazeta.hit.gemius.pl/hitredir/id=1_2aoau32zKrY2K8AzHtuKPMXfaG5wd126fPuctBzrP.67/stparam=loptipgnqn/url=http://www.gazeta.pl/0,0.html?promocja=pit2011_wyb01&utm_campaign=p_124 IE - HKCU..SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK IE - HKCU..SearchScopes{533C4CC9-8012-47d6-BCF7-510A8812A6B4}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms} IE - HKCU..SearchScopes{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/bsprpc/{B725B14B-2CA4-4373-B741-876D7DF815B5}?q={searchTerms} [2011-10-09 13:23:02 | 000,002,370 | ---- | M] () -- C:UsersuserAppDataRoamingmozillafirefoxprofileslidjkqnx.defaultsearchpluginssearch.xml O3 - HKCU..ToolbarWebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. Uzyj AdwCleaner, opcja Delete. Cytuj Udostępnij tę odpowiedź Odnośnik do odpowiedzi Udostępnij na innych stronach Więcej opcji udostępniania...
::snoopy:: Opublikowano 8 Listopada 2012 Zgłoś Opublikowano 8 Listopada 2012 Nie pomogło, ten komunikat nadal się pojawia. Cytuj Udostępnij tę odpowiedź Odnośnik do odpowiedzi Udostępnij na innych stronach Więcej opcji udostępniania...
Kolobos Opublikowano 8 Listopada 2012 Zgłoś Opublikowano 8 Listopada 2012 Odinstaluj: Free YouTube to MP3 Converter version 3.11.32.918 Wykonaj skrypt w OTL: :OTL [2012-08-27 09:51:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:UsersuserAppDataRoamingmozillaFirefoxProfileslidjkqnx.defaultextensions{ACAA314B-EEBA-48e4-AD47-84E31C44796C} W ostatecznosci odinstaluj Firefox, usun katalog profilu FF i zainstaluj ponownie. Cytuj Udostępnij tę odpowiedź Odnośnik do odpowiedzi Udostępnij na innych stronach Więcej opcji udostępniania...
