Zacinanie filmików youtube vod tvn player - logi

[Paulka]

proszę o pomoc z logami, dotyczy tematu: wymiana grafiki a dokładniej chodzi o to że filmiki nie tylko na youtube przycinają. nawet filmy odtwarzane z dysku.

Kod: Zaznacz wszystko

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-09-07 20:09:41
Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800JB-00JJA0 rev.05.01C05 74,53GB
Running: ig4u02gz.exe; Driver: C:\DOCUME~1\Mapecik\USTAWI~1\Temp\kxldypoc.sys


---- System - GMER 2.1 ----

SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwAssignProcessToJobObject [0xF53AF610]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwDebugActiveProcess [0xF53AFC10]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwDuplicateObject [0xF53AF730]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwOpenProcess [0xF53AF4B0]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwOpenThread [0xF53AF570]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwProtectVirtualMemory [0xF53AF6D0]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwQueueApcThread [0xF53AF790]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwSetContextThread [0xF53AF690]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwSetInformationThread [0xF53AF650]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwSetSecurityObject [0xF53AF7D0]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwSuspendProcess [0xF53AF510]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwSuspendThread [0xF53AF590]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwTerminateProcess [0xF53AF4D0]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwTerminateThread [0xF53AF5D0]
SSDT            \SystemRoot\system32\DRIVERS\ehdrv.sys                                                                               ZwWriteVirtualMemory [0xF53AF750]

---- Kernel code sections - GMER 2.1 ----

.text           C:\WINDOWS\system32\DRIVERS\nv4_mini.sys                                                                             section is writeable [0xF66EC360, 0x20598D, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1288] kernel32.dll!SetUnhandledExceptionFilter                    7C84495D 4 Bytes  [C2, 04, 00, 00]
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2820] USER32.dll!DefWindowProcA + 11A                          7E37C298 7 Bytes  JMP 109DECBA C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2820] USER32.dll!SetWindowLongA + 19                           7E37C2B6 7 Bytes  JMP 109DEC49 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2820] USER32.dll!GetWindowInfo                                 7E37C49C 5 Bytes  JMP 107FC6FD C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\plugin-container.exe[2820] USER32.dll!GetMenuContextHelpId + 1A                     7E3B5319 7 Bytes  JMP 107FCCF3 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3568] ntdll.dll!LdrLoadDll                                              7C9163C3 5 Bytes  JMP 0171F140 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3568] kernel32.dll!lstrlenW + 43                                        7C809AEC 7 Bytes  JMP 01D3FDF5 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3568] kernel32.dll!MapViewOfFileEx + 6A                                 7C80B9A0 7 Bytes  JMP 01D3FDD2 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3568] kernel32.dll!ValidateLocale + B130                                7C844958 7 Bytes  JMP 01722942 C:\Program Files\Mozilla Firefox\xul.dll
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3568] GDI32.dll!SetDIBitsToDevice + 20A                                 77F19E14 7 Bytes  JMP 01D3FD53 C:\Program Files\Mozilla Firefox\xul.dll

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                               eamon.sys
AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                             epfwtdi.sys
AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                            epfwtdi.sys

Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                          sfsync02.sys
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                   sfsync02.sys
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                   sfsync02.sys
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e                                                                          sfsync02.sys

AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                            epfwtdi.sys
AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                          epfwtdi.sys
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                             fltmgr.sys
AttachedDevice  \FileSystem\Fastfat \Fat                                                                                             eamon.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026                                         
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b00026@0012ee78cf45                             0xA2 0x8B 0x0A 0x55 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                  C:\Program Files\DAEMON Tools\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                  0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                               0x0E 0x35 0xA3 0x06 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                           
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                      0x57 0x77 0x5B 0x6A ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                0xFB 0x4A 0xE9 0x06 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Program Files\DAEMON Tools\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                   0x0E 0x35 0xA3 0x06 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0x57 0x77 0x5B 0x6A ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) 
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0xFB 0x4A 0xE9 0x06 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026 (not active ControlSet)                     
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000272b00026@0012ee78cf45                                 0xA2 0x8B 0x0A 0x55 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Program Files\DAEMON Tools\
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                   0x0E 0x35 0xA3 0x06 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0x57 0x77 0x5B 0x6A ...
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) 
Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0xFB 0x4A 0xE9 0x06 ...

---- EOF - GMER 2.1 ----


Kod: Zaznacz wszystko

OTL logfile created on: 2013-09-07 20:09:22 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Mapecik\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,80 Mb Total Physical Memory | 293,78 Mb Available Physical Memory | 28,72% Memory free
1,91 Gb Paging File | 1,16 Gb Available in Paging File | 61,06% Paging File free
Paging file location(s): F:\pagefile.sys 1024 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 23,09 Gb Total Space | 13,54 Gb Free Space | 58,64% Space Free | Partition Type: NTFS
Drive D: | 49,78 Gb Total Space | 19,98 Gb Free Space | 40,12% Space Free | Partition Type: NTFS
Drive F: | 1,65 Gb Total Space | 0,48 Gb Free Space | 29,15% Space Free | Partition Type: FAT

Computer Name: SEMPRON | User Name: Mapecik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-09-07 20:03:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mapecik\Moje dokumenty\Pobieranie\OTL.exe
PRC - [2013-09-07 19:18:08 | 000,377,856 | ---- | M] () -- C:\Documents and Settings\Mapecik\Moje dokumenty\Pobieranie\ig4u02gz.exe
PRC - [2013-09-07 18:59:32 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013-07-18 18:44:45 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011-01-12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009-02-10 16:30:02 | 000,364,544 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\CoreCom.exe
PRC - [2008-06-20 12:11:04 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\corecom\OraConfigRecover.exe
PRC - [2008-06-20 12:08:24 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
PRC - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
PRC - [2008-06-10 11:14:42 | 000,147,456 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Systray\SystrayApp.exe
PRC - [2008-06-10 11:14:14 | 000,602,864 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Launcher\Launcher.exe
PRC - [2008-06-10 11:11:34 | 000,712,704 | ---- | M] (France Telecom SA) -- C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe
PRC - [2008-06-10 11:11:04 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
PRC - [2008-04-14 23:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005-03-13 17:57:54 | 000,387,584 | ---- | M] () -- C:\Program Files\Office Keyboard\KBDAP32A.EXE
PRC - [2004-05-17 14:57:00 | 000,184,320 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2004-03-03 08:09:10 | 005,730,304 | ---- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIAudioi\SBADeck\ADeck.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013-09-07 19:18:08 | 000,377,856 | ---- | M] () -- C:\Documents and Settings\Mapecik\Moje dokumenty\Pobieranie\ig4u02gz.exe
MOD - [2013-09-07 18:59:32 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013-08-23 13:36:30 | 016,166,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2008-06-10 11:14:36 | 000,589,824 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhPromptManager2.dll
MOD - [2008-06-10 11:14:30 | 000,237,568 | ---- | M] () -- C:\Program Files\Livebox\Launcher\Plugins\PluginLnhRecovery.dll
MOD - [2007-03-01 15:16:56 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006-01-25 15:48:36 | 000,032,768 | ---- | M] () -- C:\Program Files\Livebox\Launcher\WatchClient.dll
MOD - [2005-03-13 17:57:54 | 000,387,584 | ---- | M] () -- C:\Program Files\Office Keyboard\KBDAP32A.EXE
MOD - [2005-03-13 17:57:54 | 000,053,248 | ---- | M] () -- C:\Program Files\Office Keyboard\KBDDL32A.DLL
MOD - [2005-03-13 17:57:54 | 000,032,768 | ---- | M] () -- C:\Program Files\Office Keyboard\kbd32g.dll
MOD - [2005-03-13 17:57:54 | 000,012,288 | ---- | M] () -- C:\Program Files\Office Keyboard\kbd32s.dll
MOD - [2004-03-03 15:11:46 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\UnAudioNT.dll
MOD - [2004-03-03 08:09:12 | 000,032,768 | ---- | M] () -- C:\Program Files\VIAudioi\SBADeck\ExtendDll.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2013-09-07 18:59:32 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-08-23 13:36:44 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-02-28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-01-12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011-01-12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2008-06-20 12:08:08 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe -- (FTRTSVC)
SRV - [2004-05-17 14:57:00 | 000,184,320 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\GAMES\UltraStar Deluxe\zlportio.sys -- (zlportio)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\NTGLM7X.sys -- (SetupNTGLM7X)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RadProbe.sys -- (RadProbe)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\NTACCESS.sys -- (NTACCESS)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Mapecik\USTAWI~1\Temp\kxldypoc.sys -- (kxldypoc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AWRTRD.sys -- (Ad-Watch Registry Filter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbae.sys -- (adiusbae)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER)
DRV - [2013-09-07 18:35:40 | 000,022,560 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HWiNFO32.SYS -- (HWiNFO32)
DRV - [2010-12-21 15:04:06 | 000,141,264 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-12-21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-12-21 13:47:38 | 000,134,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2010-12-21 13:47:38 | 000,033,120 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010-08-03 12:28:36 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2006-04-07 18:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB)
DRV - [2006-03-01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2004-12-09 17:25:49 | 000,047,104 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2004-12-03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2004-10-28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004-02-11 07:51:46 | 000,115,840 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viaudios.sys -- (VIAudio)
DRV - [2003-09-23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2003-09-02 12:22:52 | 000,044,032 | R--- | M] (VIA Networking Technologies, Inc.       ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\getnd5b.sys -- (GETNDIS)
DRV - [2003-07-02 05:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002-09-16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {CF739809-1C6C-47C0-85B9-569DBB141420}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1rch.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Livebox\SearchURLHook\SearchPageURL.dll ()
IE - HKCU\..\SearchScopes,DefaultScope = {8C8E0027-3907-438D-BB48-44CC1F6AF800}
IE - HKCU\..\SearchScopes\{8C8E0027-3907-438D-BB48-44CC1F6AF800}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q={searchTerms}&crm=1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=16625&gct=hp"
FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files\Real Alternative\browser\plugin\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\Real Alternative\browser\plugin\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-19 09:19:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-09-07 18:59:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-09-07 18:59:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-08-21 08:15:19 | 000,000,000 | ---D | M]

[2009-08-23 09:46:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mapecik\Dane aplikacji\Mozilla\Extensions
[2013-05-22 17:15:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mapecik\Dane aplikacji\Mozilla\Firefox\Profiles\95s0m4un.default\extensions
[2008-12-19 21:30:56 | 000,000,404 | ---- | M] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\Mozilla\Firefox\Profiles\95s0m4un.default\searchplugins\ask.xml
[2011-08-27 07:43:49 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\Mozilla\Firefox\Profiles\95s0m4un.default\searchplugins\askcom.xml
[2013-09-07 18:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-09-07 18:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013-09-07 18:59:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010-02-14 15:19:34 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2005-04-05 05:38:20 | 000,053,355 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\NPJinit13122.dll
[2012-11-10 10:30:23 | 000,003,574 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.62\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Oracle JInitiator (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPJinit13122.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: YouTube = C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2005-04-06 21:47:31 | 000,000,000 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [FLMK08KB] C:\Program Files\Office Keyboard\KBDAP32A.EXE ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ORAHSSSessionManager] C:\Program Files\Livebox\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} http://www.eska.pl/streamplayers/OggX.ocx (OggX Control)
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} http://shrimp.uokik.gov.pl/forms/jinitiator/jinit.exe (JInitiator 1.3.1.22)
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} http://asp07.photoprintit.de/microsite/1661/defaults/activex/IPSUploader.cab (IPSUploader Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACB97843-20D8-4FA1-AF4C-EC1FB4841942}: DhcpNameServer = 192.168.1.1 0.0.0.0
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005-02-22 23:18:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012-04-09 13:56:50 | 000,092,912 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O32 - AutoRun File - [2012-04-07 14:49:04 | 2284,524,433 | ---- | M] () - D:\AutoMapa_6.10b_EU.exe -- [ NTFS ]
O33 - MountPoints2\{1c0b58f3-ffa7-11df-ab91-001109318a9b}\Shell - "" = AutoRun
O33 - MountPoints2\{1c0b58f3-ffa7-11df-ab91-001109318a9b}\Shell\AutoRun\command - "" = F:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (oodbs)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013-09-07 18:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-09-07 18:46:12 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013-09-07 18:35:40 | 000,022,560 | ---- | C] (REALiX(tm)) -- C:\WINDOWS\System32\drivers\HWiNFO32.SYS
[2013-09-07 18:35:33 | 000,000,000 | ---D | C] -- C:\Program Files\HWiNFO32
[2013-09-07 18:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HWiNFO32
[2013-08-20 19:35:14 | 017,737,608 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2060-08-18 20:02:32 | 002,023,424 | ---- | M] (Inprise Corporation) -- C:\WINDOWS\System32\VCL50.BPL
[2060-08-18 20:02:22 | 001,496,064 | ---- | M] (Inprise Corporation) -- C:\WINDOWS\System32\CC3250MT.DLL
[2060-08-18 20:02:12 | 000,248,832 | ---- | M] (Inprise Corporation) -- C:\WINDOWS\System32\VCLX50.BPL
[2060-08-18 19:40:44 | 000,909,824 | ---- | M] (Inprise Corporation) -- C:\WINDOWS\System32\CP3245MT.DLL
[2060-08-18 19:40:44 | 000,024,064 | ---- | M] (Inprise Corporation) -- C:\WINDOWS\System32\BORLNDMM.DLL
[2013-09-07 19:49:56 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-09-07 19:34:20 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-09-07 19:15:14 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-09-07 19:15:13 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013-09-07 19:14:59 | 000,043,573 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013-09-07 19:14:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-09-07 19:14:48 | 001,527,168 | ---- | M] () -- C:\WINDOWS\System32\OODBS.lor
[2013-09-07 18:50:51 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013-09-07 18:35:40 | 000,022,560 | ---- | M] (REALiX(tm)) -- C:\WINDOWS\System32\drivers\HWiNFO32.SYS
[2013-09-07 15:27:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-09-01 14:35:53 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLet.DAT
[2013-09-01 14:28:35 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLev.DAT
[2013-08-23 13:36:39 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-08-23 13:36:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-08-23 13:35:58 | 017,737,608 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013-08-16 13:17:18 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2019-02-26 23:41:48 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2011-07-19 19:46:04 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ReminderNextRun
[2011-07-17 20:01:52 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\$_hpcst$.hpc
[2011-07-17 08:59:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Image Manipulation
[2011-07-17 08:59:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Image Capture
[2011-07-17 08:59:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\Hybrid Morph
[2011-07-17 08:59:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\Hybrid Chords
[2011-07-17 08:59:12 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLev.DAT
[2011-07-17 08:59:12 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLes.DAT
[2011-07-17 08:59:11 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Icons
[2011-07-17 08:59:11 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\Hybrid Basic
[2011-07-17 08:59:11 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLet.DAT
[2009-03-16 21:05:16 | 000,001,101 | ---- | C] () -- C:\Documents and Settings\Mapecik\jinitiator13122.trace
[2005-02-24 11:45:51 | 000,000,528 | ---- | C] () -- C:\Documents and Settings\Mapecik\MultiRes.INI
[2005-02-24 01:04:43 | 000,000,448 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2005-02-23 19:43:39 | 000,080,896 | ---- | C] () -- C:\Documents and Settings\Mapecik\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 23:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 23:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2005-02-24 02:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems
[2012-01-15 15:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Big Fish Games
[2012-08-19 09:07:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files
[2011-07-17 08:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EnterNHelp
[2007-11-03 15:06:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET
[2013-06-26 13:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData
[2011-07-17 13:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nikon
[2010-08-07 10:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SafeNet Sentinel
[2007-11-04 13:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sandlot Games
[2011-07-17 08:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Screen Saver
[2011-07-17 08:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sound Effects
[2011-07-17 08:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Speech Enhancer
[2012-01-15 15:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP
[2011-07-17 08:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ultima_T15
[2013-05-11 19:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\.wtw
[2005-10-15 14:18:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\ACD Systems
[2013-06-11 18:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\BitTorrent
[2012-08-19 09:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\DDMSettings
[2010-04-05 10:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1
[2012-01-15 15:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\ERS Game Studios
[2007-11-03 15:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\ESET
[2010-10-08 21:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\EurekaLog
[2012-12-09 11:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\foobar2000
[2008-10-19 17:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\Gadu-Gadu
[2007-01-14 18:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\Leadertech
[2011-07-02 20:38:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\Maxthon3
[2011-01-11 21:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\MxBoost
[2011-07-17 09:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\Nikon
[2009-02-23 20:16:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\Nowe Gadu-Gadu
[2012-06-15 17:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\OpenOffice.ux.pl2
[2008-11-26 21:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\Simply Super Software
[2013-06-11 19:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\TuneUp Software
[2008-12-25 19:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\uTorrent
[2009-09-02 20:12:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mapecik\Dane aplikacji\WeatherWatcher

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 168 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:CB0AACC9
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:6896CCCE
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2

< End of report >


Kod: Zaznacz wszystko

OTL Extras logfile created on: 2013-09-07 20:09:22 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Mapecik\Moje dokumenty\Pobieranie
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1022,80 Mb Total Physical Memory | 293,78 Mb Available Physical Memory | 28,72% Memory free
1,91 Gb Paging File | 1,16 Gb Available in Paging File | 61,06% Paging File free
Paging file location(s): F:\pagefile.sys 1024 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 23,09 Gb Total Space | 13,54 Gb Free Space | 58,64% Space Free | Partition Type: NTFS
Drive D: | 49,78 Gb Total Space | 19,98 Gb Free Space | 40,12% Space Free | Partition Type: NTFS
Drive F: | 1,65 Gb Total Space | 0,48 Gb Free Space | 29,15% Space Free | Partition Type: FAT

Computer Name: SEMPRON | User Name: Mapecik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\7.0\ACDSee7.exe" "%1" (ACD Systems Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MPCscan.Scan] -- "C:\Program Files\Musepack\MPCscan.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Gadu-Gadu\ggphone\ggphone.exe" = C:\Program Files\Gadu-Gadu\ggphone\ggphone.exe:*:Disabled:TODO: <File description>
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule
"C:\Program Files\Maxthon\Maxthon.exe" = C:\Program Files\Maxthon\Maxthon.exe:*:Enabled:Maxthon Web Browser -- (Maxthon International Ltd.)
"C:\Program Files\eDonkey2000\edonkey2000.exe" = C:\Program Files\eDonkey2000\edonkey2000.exe:*:Disabled:edonkey2000
"C:\Program Files\Halo-Halo\Halo-Halo.exe" = C:\Program Files\Halo-Halo\Halo-Halo.exe:*:Disabled:Komunikator Halo-Halo
"D:\GAMES\Sacred\GameServer.exe" = D:\GAMES\Sacred\GameServer.exe:*:Disabled:Sacred Gameserver
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Disabled:Uruchamia plik DLL jako aplikację -- (Microsoft Corporation)
"C:\Program Files\NAPI-PROJEKT\napisy.exe" = C:\Program Files\NAPI-PROJEKT\napisy.exe:*:Enabled:www.napiprojekt.pl -- ()
"D:\download\sciagniete\Curling_2006_Patch_1_Datecode_20060209_GERMAN_Cracked_RIP-TNT\Curling_2006_Patch_1_Datecode_20060209_GERMAN_Cracked_RIP-TNT\UPDATE\Curling2006.exe" = D:\download\sciagniete\Curling_2006_Patch_1_Datecode_20060209_GERMAN_Cracked_RIP-TNT\Curling_2006_Patch_1_Datecode_20060209_GERMAN_Cracked_RIP-TNT\UPDATE\Curling2006.exe:*:Enabled:Curling2006
"D:\GAMES\curling\Curling2006.exe" = D:\GAMES\curling\Curling2006.exe:*:Enabled:Curling2006
"C:\Program Files\Nowe Gadu-Gadu\gg.exe" = C:\Program Files\Nowe Gadu-Gadu\gg.exe:*:Disabled:Nowe Gadu-Gadu
"C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe" = C:\Program Files\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe:*:Disabled:MxDownloadServer
"C:\Program Files\WapSter\WapSter AQQ\AQQ.exe" = C:\Program Files\WapSter\WapSter AQQ\AQQ.exe:*:Enabled:AQQ Instant Messenger
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe" = C:\Program Files\Livebox\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
"D:\programy\spss\statistics.exe" = D:\programy\spss\statistics.exe:*:Disabled:Statistics17:exe
"D:\programy\spss\SPSSWinWrapIDE.exe" = D:\programy\spss\SPSSWinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor
"D:\programy\spss\statistics.com" = D:\programy\spss\statistics.com:*:Disabled:Statistics17:com
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Konfiguracja urządzenia HP -- (Hewlett-Packard Co.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\BitTorrent\BitTorrent.exe" = C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\K2T\WTW\wtw.exe" = C:\Program Files\K2T\WTW\wtw.exe:*:Enabled:WTW Instant Messenger -- (WTW.im, Kaworu)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalator AVG


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0483A5EE-3C32-4D2A-9827-03ABA3C97F48}" = OpenOffice.ux.pl 2.0.3
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{126BE17D-450C-41EB-8BF4-3F38399B6899}" = HP Deskjet 1050 J410 series Badanie ulepszeń produktu
"{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}" = Komunikator WTW 0.9.10.3377
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 26
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{53480520-7555-470E-8C69-750B0472B4BB}" = O&O Defrag Professional Edition
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Pomoc
"{65500168-EF40-11D7-8493-00C04F43E392}" = polsko-angielski 10.2003
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{7148F0A8-6813-11D6-A77B-00B0D0142040}" = Java 2 Runtime Environment, SE v1.4.2_04
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AE56BC41-9C99-42C6-A8E8-38699A703D62}" = HP Deskjet 1050 J410 series Podstawowe oprogramowanie urządzenia
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B0625F16-B742-4F75-9FD8-20B47ACC7DE2}" = ACDSee 7.0 PowerPack
"{C573C350-C666-586C-B309-7C9BD4A44BBF}" = e-Deklaracje Desktop
"{CAFECAFE-0013-0001-0122-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.22
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder Seria 9
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EF901A4B-A25A-4962-83C6-C6691D062ED9}" = Nero Mega Plugin Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FB91E774-867B-4567-ACE7-8144EF036068}" = Olympus Digital Wave Player
"{ORAHSS}.UninstallSuite" = Livebox
"7-Zip" = 7-Zip 4.56 beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = Narzędzie Software Uninstall Utility firmy ATI
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"DivX Setup" = DivX Setup
"e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1" = e-Deklaracje Desktop
"foobar2000" = foobar2000 v1.1.10
"Google Chrome" = Google Chrome
"Google Updater" = Aktualizator Google
"HP Photo Creations" = HP Photo Creations
"HWiNFO32_is1" = HWiNFO32 Version 4.22
"ie7" = Windows Internet Explorer 7
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.8.0 Full
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.75.0.1300
"Maxthon" = Maxthon Browser (remove only)
"Maxthon3" = Maxthon 3
"Mozilla Firefox 23.0.1 (x86 pl)" = Mozilla Firefox 23.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPCscan" = MPCscan
"MusePack Software Bundle" = MusePack Software Bundle 1.17
"NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.1
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NVIDIA Drivers" = NVIDIA Drivers
"Office Keyboard 2.2A" = Office Keyboard 2.2A
"OpenAL" = OpenAL
"QuicktimeAlt_is1" = QuickTime Alternative 1.66
"RealAlt_is1" = Real Alternative 1.29
"RTPatch_is1" = RTPatch Update
"Testy IQ" = Testy IQ
"Totalcmd" = Total Commander (Remove or Repair)
"VIA Audio Driver Setup Program" = VIA Audio Driver Setup Program
"VP3 Codec Version 3.2.6.1" = VP3 Codec Version 3.2.6.1
"Winamp" = Winamp (remove only)
"Windows Media Encoder 9" = Windows Media Encoder Seria 9
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2013-05-01 14:13:20 | Computer Name = SEMPRON | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd skype.exe, wersja 6.3.0.105, moduł powodujący
błąd unknown, wersja 0.0.0.0, adres błędu 0x00000200.

Error - 2013-07-20 05:48:18 | Computer Name = SEMPRON | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd googleearth.exe, wersja 7.1.1.1888, moduł
powodujący błąd kernel32.dll, wersja 5.1.2600.5781, adres błędu 0x00012afb.

Error - 2013-07-21 12:25:34 | Computer Name = SEMPRON | Source = Chrome | ID = 1
Description =

Error - 2013-09-07 09:34:04 | Computer Name = SEMPRON | Source = Chrome | ID = 1
Description =

[ System Events ]
Error - 2013-08-17 13:20:52 | Computer Name = SEMPRON | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys)
z powodu następującego błędu:   %%2

Error - 2013-08-19 13:01:36 | Computer Name = SEMPRON | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi General Purpose USB Driver (adildr.sys)
z powodu następującego błędu:   %%2

Error - 2013-08-19 13:02:03 | Computer Name = SEMPRON | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS  ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę  wyszukania serwera DNS za 15 min.  Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2013-08-19 13:02:03 | Computer Name = SEMPRON | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku  źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
   Przez 14 min nie nastąpi próba kontaktu ze źródłem.  NtpClient nie ma źródła dokładnego
czasu.

Error - 2013-08-19 13:02:03 | Computer Name = SEMPRON | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS  ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę  wyszukania serwera DNS za 15 min.  Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2013-08-19 13:02:03 | Computer Name = SEMPRON | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku  źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
   Przez 15 min nie nastąpi próba kontaktu ze źródłem.  NtpClient nie ma źródła dokładnego
czasu.

Error - 2013-08-19 13:02:06 | Computer Name = SEMPRON | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS  ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę  wyszukania serwera DNS za 15 min.  Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2013-08-19 13:02:06 | Computer Name = SEMPRON | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku  źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
   Przez 15 min nie nastąpi próba kontaktu ze źródłem.  NtpClient nie ma źródła dokładnego
czasu.

Error - 2013-08-19 13:02:26 | Computer Name = SEMPRON | Source = W32Time | ID = 39452689
Description = Dostawca czasu NtpClient: Wystąpił błąd podczas wyszukiwania serwera
DNS  ręcznie skonfigurowanej końcówki „time.windows.com,0x1”. Klient NtpClient ponowi
próbę  wyszukania serwera DNS za 15 min.  Wystąpił błąd: Próba przeprowadzenia operacji,
wykonywanej przez gniazdo, na nieosiągalnym hoście. (0x80072751)

Error - 2013-08-19 13:02:26 | Computer Name = SEMPRON | Source = W32Time | ID = 39452701
Description = Dostawca czasu NtpClient jest skonfigurowany, tak aby pobierać czas
z jednego lub kilku  źródeł czasu, jednak żadne ze źródeł jest obecnie niedostępne.
   Przez 14 min nie nastąpi próba kontaktu ze źródłem.  NtpClient nie ma źródła dokładnego
czasu.


< End of report >


[ordynat]

Nie widzę tu żadnej infekcji.

Kosmetyka:
Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[2012-11-10 10:30:23 | 000,003,574 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2008-12-19 21:30:56 | 000,000,404 | ---- | M] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\Mozilla\Firefox\Profiles\95s0m4un.default\searchplugins\ask.xml
[2011-08-27 07:43:49 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\Mapecik\Dane aplikacji\Mozilla\Firefox\Profiles\95s0m4un.default\searchplugins\askcom.xml
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\Real Alternative\browser\plugin\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=16625&gct=hp"
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AWRTRD.sys -- (Ad-Watch Registry Filter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbae.sys -- (adiusbae)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RadProbe.sys -- (RadProbe)

:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}]

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt.

Zainstaluj nowszą, bezpieczniejszą wersję Javy:
>http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html (wybierz: Windows x86 Offline lub online)
.