Incredibar - skrypt na usunięcie

**Posty:** 253 · przez **Aragorn160** 10 Lut 2013, 23:30

Tak jak w temacie. Nie wiem skąd się to wzięło bo ostatnio nic nie instalowałem ale przed chwilą strona główna z Google zmieniła się na Incredibar który ostro zamula. Tradycyjnie wstawiam logi z Gmera i OTL.

Gmer

Kod: Zaznacz wszystko: GMER 2.0.18454 - http://www.gmer.net Rootkit scan 2013-02-10 22:25:53 Windows 5.1.2600 Dodatek Service Pack 3 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e WDC_WD2500JS-00NCB1 rev.10.02E02 232,88GB Running: v1icp7lp.exe; Driver: C:\DOCUME~1\Grzeg0rz\USTAWI~1\Temp\fxriqpow.sys ---- System - GMER 2.0 ---- SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xB3399004] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xB33990D4] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xB3398D76] SSDT \??\C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies) ZwQueryValueKey [0xB82F91AE] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xB3398E1E] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xB3398EBA] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xB3398F56] ---- Kernel code sections - GMER 2.0 ---- .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB739C3C0, 0x706FCA, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xB31A1300, 0x3B6D8, 0xE8000020] .text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xB8490300, 0x1BEE, 0xE8000020] ---- User code sections - GMER 2.0 ---- .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 28, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 2B, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 28, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 29, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B912B42 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 2A, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 29, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 2A, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B912BB3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 28, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B912CE1 .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 29, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 2A, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 2B, 55, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2324] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, F4, B0, 00] {SUB AH, DH; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, F7, B0, 00] {SUB BH, DH; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, F4, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, F5, B0, 00] {TEST AL, 0xf5; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91870E .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, F6, B0, 00] {TEST AL, 0xf6; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, F5, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, F6, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91877F .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, F4, B0, 00] {TEST AL, 0xf4; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9188AD .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, F5, B0, 00] {SUB CH, DH; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, F6, B0, 00] {SUB DH, DH; MOV AL, 0x0} .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, F7, B0, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[2368] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, AC, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, AF, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, AC, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, AD, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B9173C6 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, AE, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, AD, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, AE, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B917437 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, AC, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B917565 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, AD, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, AE, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, AF, 9D, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3348] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 18, 8B, 00] {SUB [EAX], BL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 1B, 8B, 00] {SUB [EBX], BL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 18, 8B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 19, 8B, 00] {TEST AL, 0x19; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B916132 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 1A, 8B, 00] {TEST AL, 0x1a; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 19, 8B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 1A, 8B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9161A3 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 18, 8B, 00] {TEST AL, 0x18; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9162D1 .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 19, 8B, 00] {SUB [ECX], BL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 1A, 8B, 00] {SUB [EDX], BL; MOV EAX, [EAX]} .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 1B, 8B, 00] .text C:\Program Files\Google\Chrome\Application\chrome.exe[3420] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2] ---- User IAT/EAT - GMER 2.0 ---- IAT C:\Program Files\Google\Chrome\Application\chrome.exe[2324] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 006C0010 IAT C:\Program Files\Google\Chrome\Application\chrome.exe[2368] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00C70010 IAT C:\Program Files\Google\Chrome\Application\chrome.exe[3348] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00B30010 IAT C:\Program Files\Google\Chrome\Application\chrome.exe[3420] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 00A20010 ---- Registry - GMER 2.0 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Video\{02DBD794-19D5-4D5C-A967-EB0F5585CAB9}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\CurrentControlSet\Control\Video\{44C4A1FC-455D-4982-81A9-3B25EE13F2EB}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\CurrentControlSet\Control\Video\{73C2056D-6EE2-47BD-B286-3D6ACAAC64C9}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\CurrentControlSet\Control\Video\{D94AE7B8-6209-4BAF-942A-B7840101CDC7}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x63 0x89 0x71 0x48 ... Reg HKLM\SYSTEM\ControlSet002\Control\Video\{02DBD794-19D5-4D5C-A967-EB0F5585CAB9}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\ControlSet002\Control\Video\{44C4A1FC-455D-4982-81A9-3B25EE13F2EB}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\ControlSet002\Control\Video\{73C2056D-6EE2-47BD-B286-3D6ACAAC64C9}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\ControlSet002\Control\Video\{D94AE7B8-6209-4BAF-942A-B7840101CDC7}\0000@D3D_\x3332\x3331 2089309684 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x63 0x89 0x71 0x48 ... ---- EOF - GMER 2.0 ----

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2013-02-10 22:26:31 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Grzeg0rz\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 72,08% Memory free 4,84 Gb Paging File | 3,98 Gb Available in Paging File | 82,17% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 37,91 Gb Free Space | 38,82% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 15,98 Gb Free Space | 11,82% Space Free | Partition Type: NTFS Computer Name: GRZEGORZ | User Name: Grzeg0rz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-02-10 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe PRC - [2013-02-10 20:14:50 | 001,124,016 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2013-02-10 20:14:49 | 000,965,296 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe PRC - [2013-01-26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-11-19 17:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2012-11-08 03:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2012-11-08 03:51:04 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe PRC - [2012-11-02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe PRC - [2012-05-29 16:38:00 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012-05-29 16:38:00 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012-03-19 04:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe PRC - [2012-02-14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe PRC - [2012-02-14 03:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-02-10 20:14:51 | 000,156,848 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\SiteSafety.dll MOD - [2013-02-10 20:14:50 | 001,124,016 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2013-02-10 20:14:49 | 000,965,296 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe MOD - [2013-02-07 17:35:29 | 012,459,888 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll MOD - [2013-01-26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll MOD - [2013-01-26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll MOD - [2013-01-26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libglesv2.dll MOD - [2013-01-26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libegl.dll MOD - [2013-01-26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll MOD - [2008-04-15 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013-02-10 20:14:49 | 000,965,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe -- (vToolbarUpdater14.1.7) SRV - [2013-02-09 21:51:23 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-12-07 19:14:17 | 000,541,168 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-12-06 16:54:25 | 000,161,768 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-11-02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-29 16:38:00 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012-05-29 16:37:58 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2012-02-14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Grzeg0rz\USTAWI~1\Temp\fxriqpow.sys -- (fxriqpow) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-02-10 20:14:51 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012-12-10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012-11-08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012-11-05 20:15:13 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2012-11-05 20:15:13 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2012-09-25 20:09:12 | 006,195,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2012-08-24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012-07-03 16:25:19 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2012-05-08 14:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2012-04-19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012-02-22 19:18:10 | 000,329,960 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2012-01-31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-12-23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-12-23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011-12-23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb178?a=6PQII6EUCG&i=26 IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=17425&tt=3612_3&babsrc=SP_def&mntrId=f0ac34e600000000000040618602e6e0 IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={93AD6281-5E16-4D1A-B66F-0318CE68CDE0}&mid=d88536b6fe5e47d091e89128c0e60f13-48faba0c461c3daac15ec0571b770c4a9d5c2565&lang=pl&ds=AVG&pr=fr&d=2012-07-07 16:55:04&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb178/?search={searchTerms}&loc=IB_DS&a=6PQII6EUCG&i=26 IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\14.1.0.10 [2013-02-10 20:15:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012-07-07 19:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Mozilla\Extensions [2012-09-03 13:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.100_0\npbrowserext.dll CHR - plugin: Perion plugin (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Dokumenty Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: New tab for Chrome\u2122 = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\ CHR - Extension: AVG Security Toolbar = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.1.0.10_0\ CHR - Extension: Gmail = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D058DDFA-042F-4F78-A7AF-A4DC8C53347E}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\acrord32.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\ipla.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaw.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaws.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\steam.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\unlocker.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\unlockerassistant.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-07-07 14:55:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-02-10 21:44:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe [2013-02-07 17:34:00 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2013-02-07 17:34:00 | 000,018,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2013-02-05 19:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo [2013-02-05 19:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2013-02-05 18:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ashampoo [2013-02-05 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\ashampoo [2013-02-05 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2013-02-03 12:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\World of Warcraft [2013-02-01 22:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome [2013-01-31 21:43:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc [2013-01-31 21:43:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts [2013-01-31 15:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG [2013-01-30 15:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\WarThunder [2013-01-30 15:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WarThunder [2013-01-27 15:35:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Eidos [2013-01-27 13:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA [2013-01-27 13:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2013-01-27 13:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation [2013-01-27 13:06:22 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll [2013-01-27 13:06:22 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll [2013-01-27 13:06:22 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll [2013-01-27 13:06:22 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll [2013-01-27 13:06:22 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll [2013-01-27 13:06:22 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll [2013-01-27 13:06:22 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll [2013-01-27 13:06:22 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll [2013-01-27 13:06:22 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll [2013-01-27 13:06:22 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll [2013-01-27 13:06:21 | 000,144,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe [2013-01-27 13:06:20 | 015,635,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll [2013-01-27 13:06:20 | 000,108,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll [2013-01-27 13:06:16 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll [2013-01-27 13:05:28 | 000,884,072 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhdagenco3220103.dll [2013-01-27 13:05:28 | 000,124,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvhda32.sys [2013-01-27 13:05:28 | 000,028,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhdap32.dll [2013-01-27 13:05:27 | 019,570,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll [2013-01-27 13:05:27 | 007,716,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2013-01-27 13:05:27 | 006,066,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll [2013-01-27 13:05:27 | 002,725,304 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2013-01-27 13:05:27 | 001,985,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2013-01-27 13:05:27 | 001,017,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll [2013-01-27 13:05:27 | 000,889,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll [2013-01-27 13:05:25 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2013-01-27 13:05:25 | 002,448,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll [2013-01-27 13:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013-01-27 13:03:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Grzeg0rz\Recent [2013-01-26 22:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Eidos [2013-01-24 17:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\SH4 [2013-01-24 14:22:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\THQ [2013-01-24 13:59:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2013-01-23 13:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment [2013-01-21 14:07:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\SimCity 4 [2013-01-21 14:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Maxis [2013-01-20 14:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Aspyr [2013-01-20 14:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Aspyr [2013-01-20 14:14:25 | 000,019,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2013-01-19 15:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Anomaly Warzone Earth [2013-01-18 17:58:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Max Payne 2 Savegames [2013-01-17 18:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA Vice City User Files [2013-01-17 12:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA San Andreas User Files [2013-01-16 18:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\digipen [2013-01-16 18:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\digipen [2013-01-15 15:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Pulpit\Gladiator (2000) [2013-01-14 15:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA3 User Files [2013-01-14 15:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games [2013-01-14 14:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\InstallShield [2013-01-12 22:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TS3Client [2013-01-12 22:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client [2013-01-12 22:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2013-01-12 16:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HUGO [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-02-10 21:51:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-02-10 21:47:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-02-10 21:47:06 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job [2013-02-10 21:47:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-02-10 21:45:49 | 000,365,568 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\v1icp7lp.exe [2013-02-10 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe [2013-02-10 20:14:51 | 000,033,112 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2013-02-10 12:26:34 | 109,572,444 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2013-02-09 21:51:22 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-02-09 21:51:22 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-02-08 23:38:21 | 000,491,818 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-02-08 23:38:21 | 000,433,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-02-08 23:38:21 | 000,085,018 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-02-08 23:38:21 | 000,068,542 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-02-08 19:45:01 | 000,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-02-08 18:16:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-02-08 17:14:09 | 000,165,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2013-02-06 21:43:36 | 000,003,523 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\.recently-used.xbel [2013-02-05 18:21:19 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-02-05 18:21:16 | 000,035,478 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Rumpel.jpg [2013-02-01 22:59:18 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-02-01 22:58:18 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-02-01 22:58:17 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-01-31 15:02:39 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk [2013-01-27 13:06:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-01-27 13:05:46 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-01-27 13:05:46 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-01-27 13:05:42 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-01-27 13:05:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-01-21 14:08:46 | 006,051,707 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Nothing Else Matters.mp3 [2013-01-21 14:01:49 | 004,878,496 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Whiskey in the jar.mp3 [2013-01-21 14:00:09 | 000,000,532 | ---- | M] () -- C:\WINDOWS\eReg.dat [2013-01-20 11:00:54 | 000,043,300 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\całość II.tsk [2013-01-14 14:11:40 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2013-01-12 22:15:55 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-10 21:45:48 | 000,365,568 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\v1icp7lp.exe [2013-02-08 18:03:31 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2013-02-06 21:43:36 | 000,003,523 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\.recently-used.xbel [2013-02-05 19:23:02 | 000,035,478 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Rumpel.jpg [2013-02-01 22:59:18 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-01-27 13:05:42 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-01-27 13:05:42 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-01-27 13:05:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-01-27 13:05:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-01-27 13:05:27 | 002,284,064 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2013-01-27 13:05:27 | 000,016,032 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2013-01-24 17:04:19 | 008,994,880 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Silent_Hunter_4_Wolves_of_the_Pacific_-_Poradnik_Gry-OnLine.pdf [2013-01-21 14:00:09 | 000,000,532 | ---- | C] () -- C:\WINDOWS\eReg.dat [2013-01-21 12:57:31 | 000,000,342 | ---- | C] () -- C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job [2013-01-20 23:38:20 | 004,878,496 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Whiskey in the jar.mp3 [2013-01-20 23:37:55 | 006,051,707 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Nothing Else Matters.mp3 [2013-01-20 11:00:54 | 000,043,300 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\całość II.tsk [2013-01-12 22:15:55 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2012-12-25 14:14:18 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2012-11-17 19:25:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-11-04 11:01:47 | 000,000,174 | ---- | C] () -- C:\WINDOWS\ESTIMATE-SETTING.INI [2012-11-04 11:01:47 | 000,000,160 | ---- | C] () -- C:\WINDOWS\ALIGN-SETTING.INI [2012-11-04 11:01:47 | 000,000,106 | ---- | C] () -- C:\WINDOWS\LIMIT-SETTING.INI [2012-11-01 11:22:16 | 000,000,485 | ---- | C] () -- C:\WINDOWS\MRU.ini [2012-10-13 18:09:25 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-10-13 18:09:25 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-10-13 18:09:25 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll [2012-10-13 18:09:22 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012-10-12 07:26:44 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2012-10-02 19:15:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2012-09-29 17:33:16 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2012-09-29 17:33:16 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2012-09-05 20:04:25 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\SI.bin [2012-09-05 18:38:09 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-27 17:21:07 | 000,000,994 | ---- | C] () -- C:\WINDOWS\disney.ini [2012-08-07 20:51:50 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2012-07-28 22:55:13 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2012-07-28 22:55:13 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2012-07-28 22:55:13 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2012-07-12 14:10:23 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-07-08 12:12:13 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2012-07-08 12:09:15 | 000,120,279 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2012-07-07 16:46:30 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-07-07 16:45:21 | 000,115,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-07-07 15:08:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-07 14:56:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-07-07 14:53:01 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [color=#E56717]========== ZeroAccess Check ==========[/color] [2012-07-12 20:56:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012-04-20 20:30:26 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-02-05 18:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2013-01-21 12:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search [2012-09-11 15:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012 [2012-07-07 15:53:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-07-07 20:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-07-15 21:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2013-01-31 21:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2012-08-12 13:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2012-07-18 09:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-07-07 19:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-12-22 23:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2013-01-31 15:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2012-11-27 20:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin [2013-02-02 20:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2012-07-13 22:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2012-10-25 17:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RELOADED [2012-12-21 11:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SplitMediaLabs [2012-09-09 20:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Synetic [2012-07-07 15:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2012-12-24 21:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2013-01-30 15:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WarThunder [2012-07-07 15:57:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2013-01-31 15:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software [2013-01-23 12:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\.minecraft [2013-02-05 18:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ashampoo [2012-12-04 21:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Audacity [2012-07-07 15:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG Secure Search [2012-07-07 15:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG2012 [2012-12-21 20:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\BESTplayer [2012-07-28 21:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\BlackBean [2012-11-17 19:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\CDROLLER [2013-02-08 16:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\DAEMON Tools Lite [2013-01-16 18:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\digipen [2012-08-27 18:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Disney Interactive Studios [2012-11-04 10:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\DVDVideoSoft [2012-09-05 10:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\FunnyGames [2012-07-18 09:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Gadu-Gadu 10 [2013-02-10 21:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\GG [2013-02-06 21:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\gtk-2.0 [2012-11-25 12:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Image Zone Express [2012-12-29 23:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\ipla [2012-07-08 10:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\LolClient [2012-07-18 10:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\LOVE [2012-07-12 14:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Nowe Gadu-Gadu [2012-11-08 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\OnLive App [2012-10-18 18:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Opera [2012-07-09 10:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Oracle [2012-11-05 19:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Origin [2012-08-04 13:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\OwnRooms [2012-08-24 21:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\runic games [2012-12-21 11:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\SplitMediaLabs [2012-07-28 18:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Stellarium [2012-09-15 13:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Tropico 3 [2013-01-27 13:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TS3Client [2012-07-31 22:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TuneUp Software [2012-09-11 15:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ubisoft [2012-08-20 12:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Unity [2013-02-10 21:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\uTorrent [2012-10-16 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\wargaming.net [2012-12-08 16:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\XnView [2012-07-10 16:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2012-07-28 22:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Dane aplikacji\TuneUp Software [2013-01-29 17:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser.GRZEGORZ\Dane aplikacji\TuneUp Software [color=#E56717]========== Purity Check ==========[/color] < End of report >

OTL Extras:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2013-02-10 22:26:31 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Grzeg0rz\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 72,08% Memory free 4,84 Gb Paging File | 3,98 Gb Available in Paging File | 82,17% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 37,91 Gb Free Space | 38,82% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 15,98 Gb Free Space | 11,82% Space Free | Partition Type: NTFS Computer Name: GRZEGORZ | User Name: Grzeg0rz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "56482:TCP" = 56482:TCP:*:Enabled:Pando Media Booster "56482:UDP" = 56482:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "56482:TCP" = 56482:TCP:*:Enabled:Pando Media Booster "56482:UDP" = 56482:UDP:*:Enabled:Pando Media Booster "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "80:TCP" = 80:TCP:*:Enabled:War Thunder "443:TCP" = 443:TCP:*:Enabled:War Thunder "20010:UDP" = 20010:UDP:*:Enabled:War Thunder "3478:UDP" = 3478:UDP:*:Enabled:War Thunder "7850:TCP" = 7850:TCP:*:Enabled:War Thunder "27022:TCP" = 27022:TCP:*:Enabled:War Thunder "6881:TCP" = 6881:TCP:*:Enabled:War Thunder "33333:TCP" = 33333:TCP:*:Enabled:War Thunder "20443:TCP" = 20443:TCP:*:Enabled:War Thunder "8090:TCP" = 8090:TCP:*:Enabled:War Thunder [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "I:\fscommand\CKSocketServer.exe" = I:\fscommand\CKSocketServer.exe:*:Enabled:Socket Server "C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\Program Files\Orbitron\Orbitron.exe" = D:\Program Files\Orbitron\Orbitron.exe:*:Enabled:Orbitron - Satellite Tracking System -- (Sebastian Stoff) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "D:\Games\World_of_Tanks\WOTLauncher.exe" = D:\Games\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher -- (Wargaming.net) "D:\Games\World_of_Tanks\WorldOfTanks.exe" = D:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe" = D:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage -- (Empire Interactive Ltd.) "D:\Program Files\Ubisoft\Assassin's Creed - Brotherhood\ACBSP.exe" = D:\Program Files\Ubisoft\Assassin's Creed - Brotherhood\ACBSP.exe:*:Enabled:ACBSP -- () "D:\Program Files\WOT\WoTLauncher.exe" = D:\Program Files\WOT\WoTLauncher.exe:*:Enabled:World of Tanks Launcher -- (Wargaming.net) "D:\Program Files\WOT\WorldOfTanks.exe" = D:\Program Files\WOT\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net) "D:\Program Files\Steam\steamapps\common\Anomaly Warzone Earth\AnomalyWarzoneEarth.exe" = D:\Program Files\Steam\steamapps\common\Anomaly Warzone Earth\AnomalyWarzoneEarth.exe:*:Enabled:Anomaly Warzone Earth -- () "D:\Program Files\THQ\Company of Heroes\RelicCOH.exe" = D:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:Company of Heroes -- (THQ Canada Inc.) "D:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe" = D:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe:*:Enabled:Relic Downloader -- (THQ Canada Inc.) "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) "C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific z dodatkiem U-boat Missions "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1" = World of Tanks - Common Test "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{286C5BE9-7E61-4AC1-B674-BED333C35F73}" = AVG 2012 "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI "{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI "{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70073F81-7201-1F4B-8111-2686B8A60F85}" = Tomb Raider - Underworld "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{73F9192E-A60B-47BA-809A-AE07AF507EA7}" = S.T.A.L.K.E.R. - Shadow of Chernobyl "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI "{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5EA10B8-304A-412E-8ED8-4D8488F19A49}" = AVG 2012 "{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI "{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI "{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F161A0DD-AAA9-4938-A741-ED491F77D034}" = TuneUp Utilities Language Pack (pl-PL) "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Alan Wake_is1" = Alan Wake "Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15 "Assassin's Creed: Brotherhood_is1" = Assassin's Creed: Brotherhood "Audacity_is1" = Audacity 2.0.2 "AVG" = AVG 2012 "AVG Secure Search" = AVG Security Toolbar "CCleaner" = CCleaner "Company of Heroes" = Company of Heroes "FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage "Fraps" = Fraps (remove only) "Google Chrome" = Google Chrome "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer cenzura! Program 7.0 "HUGO" = HUGO "ie8" = Windows Internet Explorer 8 "ipla" = ipla 2.4 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.70.0.1100 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MWSnap 3" = MWSnap 3 "Opera 12.02.1578" = Opera 12.02 "Orbitron_is1" = Orbitron - Satellite Tracking System "PicPick" = PicPick "RegiStax 2" = RegiStax 2 .1.1 beta "Steam App 91200" = Anomaly Warzone Earth "Stellarium_is1" = Stellarium 0.11.3 "Tasker_is1" = Tasker version 3.13 "TeamSpeak 3 Client" = TeamSpeak 3 Client "The Walking Dead (c) 3_is1" = The Walking Dead (c) 3 version 1 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "Unlocker" = Unlocker 1.9.1 "uTorrent" = µTorrent "Windows Media Format Runtime" = Windows Media Format 11 runtime "WinGimp-2.0_is1" = GIMP 2.6.12-2 "WinRAR archiver" = WinRAR 4.20 (32-bitowy) "World of Warcraft" = World of Warcraft "Xbox_360_CC_Driver" = Xbox 360 Controller for Windows "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "RegiStax 6" = RegiStax 6 "RegiStax 6.1.0.8 update" = RegiStax 6.1.0.8 update "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-02-05 09:55:54 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.2600.5512, moduł powodujący błąd wiaservc.dll, wersja 5.1.2600.5512, adres błędu 0x000223dd. Error - 2013-02-05 13:57:08 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd burningstudio2012.exe, wersja 10.0.15.206, moduł powodujący błąd kernel32.dll, wersja 5.1.2600.5781, adres błędu 0x0000168e. Error - 2013-02-08 09:21:31 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.2600.5512, moduł powodujący błąd wiaservc.dll, wersja 5.1.2600.5512, adres błędu 0x000223dd. Error - 2013-02-08 11:51:35 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd annoframe.dll, wersja 1.0.1.0, adres błędu 0x0006fc57. Error - 2013-02-08 11:51:48 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd annoframe.dll, wersja 1.0.1.0, adres błędu 0x0006fc57. Error - 2013-02-08 11:52:02 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd view.dll, wersja 0.0.0.0, adres błędu 0x0007f47e. Error - 2013-02-08 13:16:29 | Computer Name = GRZEGORZ | Source = MsiInstaller | ID = 11935 Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 -- Błąd 1935. Wystąpił błąd podczas instalowania zestawu 'System.IdentityModel,fileVersion="3.0.4506.4037",culture="neutral",version="3.0.0.0",publicKeyToken="b77a5c561934e089",processorArchitecture="MSIL"'. Zobacz Pomoc i obsługę techniczną, aby uzyskać więcej informacji. HRESULT: 0x80070020. interfejs asemblacji: IAssemblyCacheItem, funkcja: Commit, składnik: {9BE08645-F9F8-4D7B-B945-1DC1877C6CB1} Error - 2013-02-08 13:16:33 | Computer Name = GRZEGORZ | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 - nie można zainstalować aktualizacji 'KB2756918'. Kod błędu 1603. Dodatkowe informacje są dostępne w pliku dziennika C:\WINDOWS\system32\config\SYSTEM~1\USTAWI~1\Temp\Microsoft .NET Framework 3.0-KB2756918_20130208_171619359-Msi0.txt. Error - 2013-02-08 13:16:34 | Computer Name = GRZEGORZ | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2756918, P2 1045, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 1935. Error - 2013-02-10 15:32:09 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.2600.5512, moduł powodujący błąd wiaservc.dll, wersja 5.1.2600.5512, adres błędu 0x000223dd. [ System Events ] Error - 2013-01-24 14:50:26 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-01-31 14:16:39 | Computer Name = GRZEGORZ | Source = sr | ID = 1 Description = Filtr Przywracania systemu napotkał nieoczekiwany błąd '0xC0000001' podczas przetwarzania pliku '' w woluminie 'HarddiskVolume1'. W rezultacie zostało zatrzymane monitorowanie woluminu. Error - 2013-01-31 14:35:21 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-01 13:36:44 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa vToolbarUpdater14.0.1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-04 14:12:41 | Computer Name = GRZEGORZ | Source = System Error | ID = 1003 Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 bf84c68e, parametr 3 afbf1ae4, parametr 4 00000000. Error - 2013-02-05 09:55:56 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-08 09:21:33 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-08 13:16:35 | Computer Name = GRZEGORZ | Source = Windows Update Agent | ID = 20 Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja zabezpieczeń dla programu Microsoft .NET Framework 3.0 z dodatkiem SP2 w systemach Windows Server 2003 i Windows XP x86 (KB2756918). Error - 2013-02-10 12:11:56 | Computer Name = GRZEGORZ | Source = System Error | ID = 1003 Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 bf8488a2, parametr 3 ae6afae4, parametr 4 00000000. Error - 2013-02-10 15:32:14 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >

**Posty:** 4765 · przez **ordynat** 11 Lut 2013, 00:08

1) Użyj >Adw-cleaner (aby pobrać kliknij na dużą zieloną strzałkę po prawej).
Kliknij w nim Usuń
Pokaż raport z niego C:\AdwCleaner[S1].txt

2) Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:OTL
MOD - [2013-02-10 20:14:51 | 000,156,848 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\SiteSafety.dll
MOD - [2013-02-10 20:14:50 | 001,124,016 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013-02-10 20:14:49 | 000,965,296 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe
SRV - [2013-02-10 20:14:49 | 000,965,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe -- (vToolbarUpdater14.1.7)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\14.1.0.10 [2013-02-10 20:15:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O3 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
[2013-02-10 21:47:06 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job
[2012-07-07 15:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG Secure Search

:Reg
[-HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}]
[-HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}]

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt. Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie.
Następnie uruchom OTL ponownie, tym razem kliknij Skanuj.
Pokaż nowy log OTL.txt oraz raport z usuwania Skryptem.

Zainstaluj nowszą, bezpieczniejszą wersję Javy:
>http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html (wybierz: Windows x86 Offline)
.

**Posty:** 253 · przez **Aragorn160** 11 Lut 2013, 15:27

Więc tak, Adw-cleaner za każdym razem się zawiesza. Myślałem, że może się zawiesił podczas pracy bo niektóre programy tak mają ale po 10 minutach dalej zero reakcji. Log jakiś się utworzył ale wygląda na niekompletny (ale pewien nie jestem, nie znam sie).

Adw-cleaner:

Kod: Zaznacz wszystko: # AdwCleaner v2.112 - Log utworzony 11/02/2013 o 14:10:27 # Aktualizacja 10/02/2013 przez Xplode # System operacyjny : Microsoft Windows XP Dodatek Service Pack 3 (32 bits) # Użytkownik : Grzeg0rz - GRZEGORZ # Tryb uruchomienia : Normalny # Ścieżka : C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Downloads\AdwCleaner.exe # Opcja [Usuń] ***** [Usługi] ***** ***** [Pliki / Foldery] *****

OTL po wykonaniu skryptu:

Kod: Zaznacz wszystko: All processes killed ========== OTL ========== Service vToolbarUpdater14.1.7 stopped successfully! Service vToolbarUpdater14.1.7 deleted successfully! C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe moved successfully. Service EagleXNt stopped successfully! Service EagleXNt deleted successfully! File C:\WINDOWS\system32\drivers\EagleXNt.sys not found. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar deleted successfully. File C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\FireFoxExt\14.1.0.10 not found. Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}\ not found. File C:\Program Files\Web Assistant\Firefox not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. File C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. File C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully. File C:\Program Files\AVG Secure Search\vprot.exe not found. C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job moved successfully. C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG Secure Search\cache\tmp folder moved successfully. C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG Secure Search\cache folder moved successfully. C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG Secure Search folder moved successfully. ========== REGISTRY ========== Registry key HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found. Registry key HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Grzeg0rz ->Temp folder emptied: 13388759 bytes ->Temporary Internet Files folder emptied: 201455848 bytes ->Google Chrome cache emptied: 358071695 bytes ->Opera cache emptied: 325870 bytes ->Flash cache emptied: 6119 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33177 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33237 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: UpdatusUser.GRZEGORZ ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 512000 bytes %systemroot%\System32 .tmp files removed: 3048484 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 22499354 bytes RecycleBin emptied: 1072448940 bytes Total Files Cleaned = 1 595,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 02112013_141717 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...

OTL:

Kod: Zaznacz wszystko: OTL logfile created on: 2013-02-11 14:20:44 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Grzeg0rz\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 78,73% Memory free 4,84 Gb Paging File | 4,32 Gb Available in Paging File | 89,31% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 39,47 Gb Free Space | 40,41% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 15,98 Gb Free Space | 11,82% Space Free | Partition Type: NTFS Computer Name: GRZEGORZ | User Name: Grzeg0rz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-02-10 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe PRC - [2013-01-26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-11-19 17:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2012-11-08 03:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2012-11-08 03:51:04 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe PRC - [2012-11-02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe PRC - [2012-05-29 16:38:00 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012-05-29 16:38:00 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012-03-19 04:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe PRC - [2012-02-14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe PRC - [2012-02-14 03:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-01-26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll MOD - [2013-01-26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll MOD - [2013-01-26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libglesv2.dll MOD - [2013-01-26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libegl.dll MOD - [2013-01-26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll MOD - [2009-02-27 18:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013-02-09 21:51:23 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-12-07 19:14:17 | 000,541,168 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-12-06 16:54:25 | 000,161,768 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-11-02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-29 16:38:00 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012-05-29 16:37:58 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2012-02-14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-02-10 20:14:51 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012-12-10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012-11-08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012-11-05 20:15:13 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2012-11-05 20:15:13 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2012-09-25 20:09:12 | 006,195,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2012-08-24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012-07-03 16:25:19 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2012-05-08 14:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2012-04-19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012-02-22 19:18:10 | 000,329,960 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2012-01-31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-12-23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-12-23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011-12-23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb178?a=6PQII6EUCG&i=26 IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) [2012-07-07 19:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Mozilla\Extensions [2012-09-03 13:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.100_0\npbrowserext.dll CHR - plugin: Perion plugin (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Dokumenty Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D058DDFA-042F-4F78-A7AF-A4DC8C53347E}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\acrord32.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\ipla.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaw.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaws.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\steam.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\unlocker.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\unlockerassistant.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-07-07 14:55:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-02-11 14:17:17 | 000,000,000 | ---D | C] -- C:\_OTL [2013-02-10 21:44:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe [2013-02-07 17:34:00 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2013-02-07 17:34:00 | 000,018,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2013-02-05 19:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo [2013-02-05 19:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2013-02-05 18:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ashampoo [2013-02-05 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\ashampoo [2013-02-05 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2013-02-03 12:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\World of Warcraft [2013-02-01 22:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome [2013-01-31 21:43:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc [2013-01-31 21:43:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts [2013-01-31 15:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG [2013-01-30 15:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\WarThunder [2013-01-30 15:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WarThunder [2013-01-27 15:35:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Eidos [2013-01-27 13:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA [2013-01-27 13:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2013-01-27 13:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation [2013-01-27 13:06:22 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll [2013-01-27 13:06:22 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll [2013-01-27 13:06:22 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll [2013-01-27 13:06:22 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll [2013-01-27 13:06:22 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll [2013-01-27 13:06:22 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll [2013-01-27 13:06:22 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll [2013-01-27 13:06:22 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll [2013-01-27 13:06:22 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll [2013-01-27 13:06:22 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll [2013-01-27 13:06:21 | 000,144,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe [2013-01-27 13:06:20 | 015,635,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll [2013-01-27 13:06:20 | 000,108,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll [2013-01-27 13:06:16 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll [2013-01-27 13:05:28 | 000,884,072 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhdagenco3220103.dll [2013-01-27 13:05:28 | 000,124,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvhda32.sys [2013-01-27 13:05:28 | 000,028,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhdap32.dll [2013-01-27 13:05:27 | 019,570,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll [2013-01-27 13:05:27 | 007,716,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2013-01-27 13:05:27 | 006,066,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll [2013-01-27 13:05:27 | 002,725,304 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2013-01-27 13:05:27 | 001,985,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2013-01-27 13:05:27 | 001,017,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll [2013-01-27 13:05:27 | 000,889,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll [2013-01-27 13:05:25 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2013-01-27 13:05:25 | 002,448,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll [2013-01-27 13:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013-01-27 13:03:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Grzeg0rz\Recent [2013-01-26 22:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Eidos [2013-01-24 17:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\SH4 [2013-01-24 14:22:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\THQ [2013-01-24 13:59:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2013-01-23 13:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment [2013-01-21 14:07:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\SimCity 4 [2013-01-21 14:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Maxis [2013-01-20 14:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Aspyr [2013-01-20 14:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Aspyr [2013-01-20 14:14:25 | 000,019,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2013-01-19 15:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Anomaly Warzone Earth [2013-01-18 17:58:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Max Payne 2 Savegames [2013-01-17 18:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA Vice City User Files [2013-01-17 12:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA San Andreas User Files [2013-01-16 18:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\digipen [2013-01-16 18:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\digipen [2013-01-15 15:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Pulpit\Gladiator (2000) [2013-01-14 15:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA3 User Files [2013-01-14 15:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games [2013-01-14 14:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\InstallShield [2013-01-12 22:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TS3Client [2013-01-12 22:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client [2013-01-12 22:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2013-01-12 16:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HUGO [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-02-11 14:18:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-02-11 14:16:13 | 000,000,223 | ---- | M] () -- C:\WINDOWS\DeleteOnReboot.bat [2013-02-11 14:07:25 | 109,636,472 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2013-02-11 14:03:49 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-02-10 21:51:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-02-10 21:47:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-02-10 21:45:49 | 000,365,568 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\v1icp7lp.exe [2013-02-10 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe [2013-02-10 20:14:51 | 000,033,112 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2013-02-09 21:51:22 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-02-09 21:51:22 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-02-08 23:38:21 | 000,491,818 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-02-08 23:38:21 | 000,433,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-02-08 23:38:21 | 000,085,018 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-02-08 23:38:21 | 000,068,542 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-02-08 19:45:01 | 000,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-02-08 18:16:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-02-08 17:14:09 | 000,165,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2013-02-06 21:43:36 | 000,003,523 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\.recently-used.xbel [2013-02-05 18:21:16 | 000,035,478 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Rumpel.jpg [2013-02-01 22:59:18 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-02-01 22:58:18 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-02-01 22:58:17 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-01-31 15:02:39 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk [2013-01-27 13:06:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-01-27 13:05:46 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-01-27 13:05:46 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-01-27 13:05:42 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-01-27 13:05:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-01-21 14:08:46 | 006,051,707 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Nothing Else Matters.mp3 [2013-01-21 14:01:49 | 004,878,496 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Whiskey in the jar.mp3 [2013-01-21 14:00:09 | 000,000,532 | ---- | M] () -- C:\WINDOWS\eReg.dat [2013-01-20 11:00:54 | 000,043,300 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\całość II.tsk [2013-01-14 14:11:40 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2013-01-12 22:15:55 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-11 14:10:39 | 000,000,223 | ---- | C] () -- C:\WINDOWS\DeleteOnReboot.bat [2013-02-10 21:45:48 | 000,365,568 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\v1icp7lp.exe [2013-02-08 18:03:31 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2013-02-06 21:43:36 | 000,003,523 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\.recently-used.xbel [2013-02-05 19:23:02 | 000,035,478 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Rumpel.jpg [2013-02-01 22:59:18 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-01-27 13:05:42 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-01-27 13:05:42 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-01-27 13:05:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-01-27 13:05:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-01-27 13:05:27 | 002,284,064 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2013-01-27 13:05:27 | 000,016,032 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2013-01-24 17:04:19 | 008,994,880 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Silent_Hunter_4_Wolves_of_the_Pacific_-_Poradnik_Gry-OnLine.pdf [2013-01-21 14:00:09 | 000,000,532 | ---- | C] () -- C:\WINDOWS\eReg.dat [2013-01-20 23:38:20 | 004,878,496 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Whiskey in the jar.mp3 [2013-01-20 23:37:55 | 006,051,707 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Nothing Else Matters.mp3 [2013-01-20 11:00:54 | 000,043,300 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\całość II.tsk [2013-01-12 22:15:55 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2012-12-25 14:14:18 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2012-11-17 19:25:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-11-04 11:01:47 | 000,000,174 | ---- | C] () -- C:\WINDOWS\ESTIMATE-SETTING.INI [2012-11-04 11:01:47 | 000,000,160 | ---- | C] () -- C:\WINDOWS\ALIGN-SETTING.INI [2012-11-04 11:01:47 | 000,000,106 | ---- | C] () -- C:\WINDOWS\LIMIT-SETTING.INI [2012-11-01 11:22:16 | 000,000,485 | ---- | C] () -- C:\WINDOWS\MRU.ini [2012-10-13 18:09:25 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-10-13 18:09:25 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-10-13 18:09:25 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll [2012-10-13 18:09:22 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012-10-12 07:26:44 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2012-10-02 19:15:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2012-09-29 17:33:16 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2012-09-29 17:33:16 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2012-09-05 20:04:25 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\SI.bin [2012-09-05 18:38:09 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-27 17:21:07 | 000,000,994 | ---- | C] () -- C:\WINDOWS\disney.ini [2012-08-07 20:51:50 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2012-07-28 22:55:13 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2012-07-28 22:55:13 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2012-07-28 22:55:13 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2012-07-12 14:10:23 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-07-08 12:12:13 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2012-07-08 12:09:15 | 000,120,279 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2012-07-07 16:46:30 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-07-07 16:45:21 | 000,115,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-07-07 15:08:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-07 14:56:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-07-07 14:53:01 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [color=#E56717]========== ZeroAccess Check ==========[/color] [2012-07-12 20:56:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012-04-20 20:30:26 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-02-05 18:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2012-09-11 15:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012 [2012-07-07 15:53:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-07-07 20:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-07-15 21:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2013-01-31 21:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2012-08-12 13:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2012-07-18 09:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-07-07 19:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-12-22 23:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2013-01-31 15:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2012-11-27 20:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin [2013-02-02 20:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2012-07-13 22:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2012-10-25 17:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RELOADED [2012-12-21 11:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SplitMediaLabs [2012-09-09 20:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Synetic [2012-07-07 15:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2012-12-24 21:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2013-01-30 15:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WarThunder [2012-07-07 15:57:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2013-01-31 15:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software [2013-01-23 12:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\.minecraft [2013-02-05 18:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ashampoo [2012-12-04 21:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Audacity [2012-07-07 15:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG2012 [2012-12-21 20:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\BESTplayer [2012-07-28 21:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\BlackBean [2012-11-17 19:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\CDROLLER [2013-02-08 16:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\DAEMON Tools Lite [2013-01-16 18:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\digipen [2012-08-27 18:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Disney Interactive Studios [2012-11-04 10:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\DVDVideoSoft [2012-09-05 10:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\FunnyGames [2012-07-18 09:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Gadu-Gadu 10 [2013-02-11 14:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\GG [2013-02-06 21:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\gtk-2.0 [2012-11-25 12:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Image Zone Express [2012-12-29 23:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\ipla [2012-07-08 10:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\LolClient [2012-07-18 10:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\LOVE [2012-07-12 14:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Nowe Gadu-Gadu [2012-11-08 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\OnLive App [2012-10-18 18:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Opera [2012-07-09 10:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Oracle [2012-11-05 19:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Origin [2012-08-04 13:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\OwnRooms [2012-08-24 21:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\runic games [2012-12-21 11:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\SplitMediaLabs [2012-07-28 18:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Stellarium [2012-09-15 13:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Tropico 3 [2013-01-27 13:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TS3Client [2012-07-31 22:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TuneUp Software [2012-09-11 15:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ubisoft [2012-08-20 12:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Unity [2013-02-10 21:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\uTorrent [2012-10-16 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\wargaming.net [2012-12-08 16:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\XnView [2012-07-10 16:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2012-07-28 22:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Dane aplikacji\TuneUp Software [2013-01-29 17:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser.GRZEGORZ\Dane aplikacji\TuneUp Software [color=#E56717]========== Purity Check ==========[/color] < End of report >

OTL Extras:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2013-02-11 14:20:44 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Grzeg0rz\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 78,73% Memory free 4,84 Gb Paging File | 4,32 Gb Available in Paging File | 89,31% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 39,47 Gb Free Space | 40,41% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 15,98 Gb Free Space | 11,82% Space Free | Partition Type: NTFS Computer Name: GRZEGORZ | User Name: Grzeg0rz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "56482:TCP" = 56482:TCP:*:Enabled:Pando Media Booster "56482:UDP" = 56482:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "56482:TCP" = 56482:TCP:*:Enabled:Pando Media Booster "56482:UDP" = 56482:UDP:*:Enabled:Pando Media Booster "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "80:TCP" = 80:TCP:*:Enabled:War Thunder "443:TCP" = 443:TCP:*:Enabled:War Thunder "20010:UDP" = 20010:UDP:*:Enabled:War Thunder "3478:UDP" = 3478:UDP:*:Enabled:War Thunder "7850:TCP" = 7850:TCP:*:Enabled:War Thunder "27022:TCP" = 27022:TCP:*:Enabled:War Thunder "6881:TCP" = 6881:TCP:*:Enabled:War Thunder "33333:TCP" = 33333:TCP:*:Enabled:War Thunder "20443:TCP" = 20443:TCP:*:Enabled:War Thunder "8090:TCP" = 8090:TCP:*:Enabled:War Thunder [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "I:\fscommand\CKSocketServer.exe" = I:\fscommand\CKSocketServer.exe:*:Enabled:Socket Server "C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\Program Files\Orbitron\Orbitron.exe" = D:\Program Files\Orbitron\Orbitron.exe:*:Enabled:Orbitron - Satellite Tracking System -- (Sebastian Stoff) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "D:\Games\World_of_Tanks\WOTLauncher.exe" = D:\Games\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher -- (Wargaming.net) "D:\Games\World_of_Tanks\WorldOfTanks.exe" = D:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe" = D:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage -- (Empire Interactive Ltd.) "D:\Program Files\Ubisoft\Assassin's Creed - Brotherhood\ACBSP.exe" = D:\Program Files\Ubisoft\Assassin's Creed - Brotherhood\ACBSP.exe:*:Enabled:ACBSP -- () "D:\Program Files\WOT\WoTLauncher.exe" = D:\Program Files\WOT\WoTLauncher.exe:*:Enabled:World of Tanks Launcher -- (Wargaming.net) "D:\Program Files\WOT\WorldOfTanks.exe" = D:\Program Files\WOT\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net) "D:\Program Files\Steam\steamapps\common\Anomaly Warzone Earth\AnomalyWarzoneEarth.exe" = D:\Program Files\Steam\steamapps\common\Anomaly Warzone Earth\AnomalyWarzoneEarth.exe:*:Enabled:Anomaly Warzone Earth -- () "D:\Program Files\THQ\Company of Heroes\RelicCOH.exe" = D:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:Company of Heroes -- (THQ Canada Inc.) "D:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe" = D:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe:*:Enabled:Relic Downloader -- (THQ Canada Inc.) "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) "C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific z dodatkiem U-boat Missions "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1" = World of Tanks - Common Test "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{286C5BE9-7E61-4AC1-B674-BED333C35F73}" = AVG 2012 "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI "{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI "{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70073F81-7201-1F4B-8111-2686B8A60F85}" = Tomb Raider - Underworld "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{73F9192E-A60B-47BA-809A-AE07AF507EA7}" = S.T.A.L.K.E.R. - Shadow of Chernobyl "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI "{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5EA10B8-304A-412E-8ED8-4D8488F19A49}" = AVG 2012 "{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI "{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI "{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F161A0DD-AAA9-4938-A741-ED491F77D034}" = TuneUp Utilities Language Pack (pl-PL) "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Alan Wake_is1" = Alan Wake "Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15 "Assassin's Creed: Brotherhood_is1" = Assassin's Creed: Brotherhood "Audacity_is1" = Audacity 2.0.2 "AVG" = AVG 2012 "AVG Secure Search" = AVG Security Toolbar "CCleaner" = CCleaner "Company of Heroes" = Company of Heroes "FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage "Fraps" = Fraps (remove only) "Google Chrome" = Google Chrome "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer cenzura! Program 7.0 "HUGO" = HUGO "ie8" = Windows Internet Explorer 8 "ipla" = ipla 2.4 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.70.0.1100 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MWSnap 3" = MWSnap 3 "Opera 12.02.1578" = Opera 12.02 "Orbitron_is1" = Orbitron - Satellite Tracking System "PicPick" = PicPick "RegiStax 2" = RegiStax 2 .1.1 beta "Steam App 91200" = Anomaly Warzone Earth "Stellarium_is1" = Stellarium 0.11.3 "Tasker_is1" = Tasker version 3.13 "TeamSpeak 3 Client" = TeamSpeak 3 Client "The Walking Dead (c) 3_is1" = The Walking Dead (c) 3 version 1 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "Unlocker" = Unlocker 1.9.1 "uTorrent" = µTorrent "Windows Media Format Runtime" = Windows Media Format 11 runtime "WinGimp-2.0_is1" = GIMP 2.6.12-2 "WinRAR archiver" = WinRAR 4.20 (32-bitowy) "World of Warcraft" = World of Warcraft "Xbox_360_CC_Driver" = Xbox 360 Controller for Windows "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "RegiStax 6" = RegiStax 6 "RegiStax 6.1.0.8 update" = RegiStax 6.1.0.8 update "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-02-08 11:51:35 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd annoframe.dll, wersja 1.0.1.0, adres błędu 0x0006fc57. Error - 2013-02-08 11:51:48 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd annoframe.dll, wersja 1.0.1.0, adres błędu 0x0006fc57. Error - 2013-02-08 11:52:02 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd view.dll, wersja 0.0.0.0, adres błędu 0x0007f47e. Error - 2013-02-08 13:16:29 | Computer Name = GRZEGORZ | Source = MsiInstaller | ID = 11935 Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 -- Błąd 1935. Wystąpił błąd podczas instalowania zestawu 'System.IdentityModel,fileVersion="3.0.4506.4037",culture="neutral",version="3.0.0.0",publicKeyToken="b77a5c561934e089",processorArchitecture="MSIL"'. Zobacz Pomoc i obsługę techniczną, aby uzyskać więcej informacji. HRESULT: 0x80070020. interfejs asemblacji: IAssemblyCacheItem, funkcja: Commit, składnik: {9BE08645-F9F8-4D7B-B945-1DC1877C6CB1} Error - 2013-02-08 13:16:33 | Computer Name = GRZEGORZ | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 - nie można zainstalować aktualizacji 'KB2756918'. Kod błędu 1603. Dodatkowe informacje są dostępne w pliku dziennika C:\WINDOWS\system32\config\SYSTEM~1\USTAWI~1\Temp\Microsoft .NET Framework 3.0-KB2756918_20130208_171619359-Msi0.txt. Error - 2013-02-08 13:16:34 | Computer Name = GRZEGORZ | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2756918, P2 1045, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 1935. Error - 2013-02-10 15:32:09 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.2600.5512, moduł powodujący błąd wiaservc.dll, wersja 5.1.2600.5512, adres błędu 0x000223dd. Error - 2013-02-11 09:14:00 | Computer Name = GRZEGORZ | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AdwCleaner.exe, wersja 2.1.1.2, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2013-02-11 09:15:02 | Computer Name = GRZEGORZ | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AdwCleaner.exe, wersja 2.1.1.2, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2013-02-11 09:16:28 | Computer Name = GRZEGORZ | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca adwcleaner (1).exe, wersja 2.1.1.2, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2013-02-04 14:12:41 | Computer Name = GRZEGORZ | Source = System Error | ID = 1003 Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 bf84c68e, parametr 3 afbf1ae4, parametr 4 00000000. Error - 2013-02-05 09:55:56 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-08 09:21:33 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-08 13:16:35 | Computer Name = GRZEGORZ | Source = Windows Update Agent | ID = 20 Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja zabezpieczeń dla programu Microsoft .NET Framework 3.0 z dodatkiem SP2 w systemach Windows Server 2003 i Windows XP x86 (KB2756918). Error - 2013-02-10 12:11:56 | Computer Name = GRZEGORZ | Source = System Error | ID = 1003 Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 bf8488a2, parametr 3 ae6afae4, parametr 4 00000000. Error - 2013-02-10 15:32:14 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Driver Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Pml Driver HPZ12 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa vToolbarUpdater14.1.7 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa TuneUp Utilities Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >

**Posty:** 4765 · przez **ordynat** 11 Lut 2013, 15:57

Skoro u Ciebie Adw-Cleaner nie chce działać, to poprzestaniemy na tym, co da się zrobić.
Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej to:

:Files
C:\Program Files\Common Files\AVG Secure Search

:OTL
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll ()

:Reg
[-HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}]
[HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

:Commands
[emptytemp]

Kliknij w Wykonaj Skrypt.

.

**Posty:** 253 · przez **Aragorn160** 11 Lut 2013, 16:27

OTL po wykonaniu skryptu:

Kod: Zaznacz wszystko: All processes killed ========== FILES ========== C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\13.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\11.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\11.1.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\11.0.2 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\13.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\11.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\11.1.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\11.0.2 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\RewardsInstaller\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\RewardsInstaller\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\RewardsInstaller folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DriverInstaller\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DriverInstaller\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DriverInstaller\13.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DriverInstaller\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DriverInstaller folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\14.1.7 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\14.0.1 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\DNTInstaller folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\CommonInstaller\12.2.6 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\CommonInstaller\11.2.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\CommonInstaller\11.1.0 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\CommonInstaller\11.0.2 folder moved successfully. C:\Program Files\Common Files\AVG Secure Search\CommonInstaller folder moved successfully. C:\Program Files\Common Files\AVG Secure Search folder moved successfully. ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ deleted successfully. File C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll not found. ========== REGISTRY ========== Registry key HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found. HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://www.google.com/" /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Grzeg0rz ->Temp folder emptied: 1309197 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Google Chrome cache emptied: 58089795 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 2403 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: UpdatusUser.GRZEGORZ ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes RecycleBin emptied: 190088 bytes Total Files Cleaned = 57,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 02112013_152051 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...

OTL:

Kod: Zaznacz wszystko: OTL logfile created on: 2013-02-11 15:23:21 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Grzeg0rz\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 79,33% Memory free 4,84 Gb Paging File | 4,35 Gb Available in Paging File | 89,91% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 39,33 Gb Free Space | 40,27% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 10,10 Gb Free Space | 7,47% Space Free | Partition Type: NTFS Computer Name: GRZEGORZ | User Name: Grzeg0rz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-02-10 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe PRC - [2013-01-26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe PRC - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-11-19 17:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2012-11-08 03:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2012-11-08 03:51:04 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe PRC - [2012-11-02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe PRC - [2012-05-29 16:38:00 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012-05-29 16:38:00 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012-03-19 04:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe PRC - [2012-02-14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe PRC - [2012-02-14 03:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-01-26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppgooglenaclpluginchrome.dll MOD - [2013-01-26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll MOD - [2013-01-26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libglesv2.dll MOD - [2013-01-26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\libegl.dll MOD - [2013-01-26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013-02-09 21:51:23 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-12-29 11:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-12-07 19:14:17 | 000,541,168 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-12-06 16:54:25 | 000,161,768 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-11-02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-29 16:38:00 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012-05-29 16:37:58 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2012-02-14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-02-10 20:14:51 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012-12-10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012-11-08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012-11-05 20:15:13 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2012-11-05 20:15:13 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2012-09-25 20:09:12 | 006,195,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2012-08-24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012-07-03 16:25:19 | 000,124,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA) DRV - [2012-05-08 14:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2012-04-19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012-02-22 19:18:10 | 000,329,960 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2012-01-31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011-12-23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-12-23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011-12-23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2010-07-04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) [2012-07-07 19:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Mozilla\Extensions [2012-09-03 13:58:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.100_0\npbrowserext.dll CHR - plugin: Perion plugin (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1165635.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Dokumenty Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2008-04-15 13:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-1604221776-1801674531-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D058DDFA-042F-4F78-A7AF-A4DC8C53347E}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\acrord32.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\ipla.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaw.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\javaws.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\steam.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\unlocker.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\unlockerassistant.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-07-07 14:55:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-02-11 14:17:17 | 000,000,000 | ---D | C] -- C:\_OTL [2013-02-10 21:44:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe [2013-02-07 17:34:00 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll [2013-02-07 17:34:00 | 000,018,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui [2013-02-05 19:05:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo [2013-02-05 19:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2013-02-05 18:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ashampoo [2013-02-05 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\ashampoo [2013-02-05 18:45:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2013-02-03 12:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\World of Warcraft [2013-02-01 22:59:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome [2013-01-31 21:43:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Electronic_Arts_Inc [2013-01-31 21:43:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts [2013-01-31 15:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AVG [2013-01-30 15:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\WarThunder [2013-01-30 15:48:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\WarThunder [2013-01-27 15:35:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Eidos [2013-01-27 13:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA [2013-01-27 13:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies [2013-01-27 13:07:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation [2013-01-27 13:06:22 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll [2013-01-27 13:06:22 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll [2013-01-27 13:06:22 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll [2013-01-27 13:06:22 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll [2013-01-27 13:06:22 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll [2013-01-27 13:06:22 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll [2013-01-27 13:06:22 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll [2013-01-27 13:06:22 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll [2013-01-27 13:06:22 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll [2013-01-27 13:06:22 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll [2013-01-27 13:06:22 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll [2013-01-27 13:06:22 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll [2013-01-27 13:06:22 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll [2013-01-27 13:06:22 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll [2013-01-27 13:06:22 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll [2013-01-27 13:06:21 | 000,144,312 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe [2013-01-27 13:06:20 | 015,635,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll [2013-01-27 13:06:20 | 000,108,984 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll [2013-01-27 13:06:16 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll [2013-01-27 13:05:28 | 000,884,072 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhdagenco3220103.dll [2013-01-27 13:05:28 | 000,124,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvhda32.sys [2013-01-27 13:05:28 | 000,028,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvhdap32.dll [2013-01-27 13:05:27 | 019,570,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll [2013-01-27 13:05:27 | 007,716,864 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll [2013-01-27 13:05:27 | 006,066,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll [2013-01-27 13:05:27 | 002,725,304 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll [2013-01-27 13:05:27 | 001,985,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll [2013-01-27 13:05:27 | 001,017,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll [2013-01-27 13:05:27 | 000,889,784 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll [2013-01-27 13:05:25 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll [2013-01-27 13:05:25 | 002,448,384 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll [2013-01-27 13:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013-01-27 13:03:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Grzeg0rz\Recent [2013-01-26 22:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Eidos [2013-01-24 17:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\SH4 [2013-01-24 14:22:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\THQ [2013-01-24 13:59:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2013-01-23 13:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment [2013-01-21 14:07:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\SimCity 4 [2013-01-21 14:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Maxis [2013-01-20 14:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\Aspyr [2013-01-20 14:25:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Aspyr [2013-01-20 14:14:25 | 000,019,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2013-01-19 15:12:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Anomaly Warzone Earth [2013-01-18 17:58:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\Max Payne 2 Savegames [2013-01-17 18:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA Vice City User Files [2013-01-17 12:43:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA San Andreas User Files [2013-01-16 18:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\digipen [2013-01-16 18:17:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\digipen [2013-01-15 15:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Pulpit\Gladiator (2000) [2013-01-14 15:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\GTA3 User Files [2013-01-14 15:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Rockstar Games [2013-01-14 14:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\InstallShield [2013-01-12 22:16:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TS3Client [2013-01-12 22:15:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client [2013-01-12 22:15:48 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2013-01-12 16:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HUGO [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-02-11 15:21:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-02-11 14:51:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-02-11 14:16:13 | 000,000,223 | ---- | M] () -- C:\WINDOWS\DeleteOnReboot.bat [2013-02-11 14:07:25 | 109,636,472 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2013-02-11 14:03:49 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-02-10 21:47:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-02-10 21:45:49 | 000,365,568 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\v1icp7lp.exe [2013-02-10 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Grzeg0rz\Pulpit\OTL.exe [2013-02-10 20:14:51 | 000,033,112 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2013-02-09 21:51:22 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-02-09 21:51:22 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-02-08 23:38:21 | 000,491,818 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-02-08 23:38:21 | 000,433,794 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-02-08 23:38:21 | 000,085,018 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-02-08 23:38:21 | 000,068,542 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-02-08 19:45:01 | 000,115,768 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-02-08 18:16:39 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-02-08 17:14:09 | 000,165,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2013-02-06 21:43:36 | 000,003,523 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\.recently-used.xbel [2013-02-05 18:21:16 | 000,035,478 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Rumpel.jpg [2013-02-01 22:59:18 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-02-01 22:58:18 | 000,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-02-01 22:58:17 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-01-31 15:02:39 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\AVG 2012.lnk [2013-01-27 13:06:11 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-01-27 13:05:46 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-01-27 13:05:46 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-01-27 13:05:42 | 001,074,560 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-01-27 13:05:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-01-21 14:08:46 | 006,051,707 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Nothing Else Matters.mp3 [2013-01-21 14:01:49 | 004,878,496 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Whiskey in the jar.mp3 [2013-01-21 14:00:09 | 000,000,532 | ---- | M] () -- C:\WINDOWS\eReg.dat [2013-01-20 11:00:54 | 000,043,300 | ---- | M] () -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\całość II.tsk [2013-01-14 14:11:40 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2013-01-12 22:15:55 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-02-11 14:10:39 | 000,000,223 | ---- | C] () -- C:\WINDOWS\DeleteOnReboot.bat [2013-02-10 21:45:48 | 000,365,568 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\v1icp7lp.exe [2013-02-08 18:03:31 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2013-02-06 21:43:36 | 000,003,523 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\.recently-used.xbel [2013-02-05 19:23:02 | 000,035,478 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Rumpel.jpg [2013-02-01 22:59:18 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-01-27 13:05:42 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2013-01-27 13:05:42 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2013-01-27 13:05:42 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2013-01-27 13:05:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2013-01-27 13:05:27 | 002,284,064 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2013-01-27 13:05:27 | 000,016,032 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb [2013-01-24 17:04:19 | 008,994,880 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Silent_Hunter_4_Wolves_of_the_Pacific_-_Poradnik_Gry-OnLine.pdf [2013-01-21 14:00:09 | 000,000,532 | ---- | C] () -- C:\WINDOWS\eReg.dat [2013-01-20 23:38:20 | 004,878,496 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Whiskey in the jar.mp3 [2013-01-20 23:37:55 | 006,051,707 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Pulpit\Metallica - Nothing Else Matters.mp3 [2013-01-20 11:00:54 | 000,043,300 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Moje dokumenty\całość II.tsk [2013-01-12 22:15:55 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2012-12-25 14:14:18 | 000,025,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2012-11-17 19:25:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-11-04 11:01:47 | 000,000,174 | ---- | C] () -- C:\WINDOWS\ESTIMATE-SETTING.INI [2012-11-04 11:01:47 | 000,000,160 | ---- | C] () -- C:\WINDOWS\ALIGN-SETTING.INI [2012-11-04 11:01:47 | 000,000,106 | ---- | C] () -- C:\WINDOWS\LIMIT-SETTING.INI [2012-11-01 11:22:16 | 000,000,485 | ---- | C] () -- C:\WINDOWS\MRU.ini [2012-10-13 18:09:25 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-10-13 18:09:25 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-10-13 18:09:25 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll [2012-10-13 18:09:22 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012-10-12 07:26:44 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini [2012-10-02 19:15:39 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2012-09-29 17:33:16 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2012-09-29 17:33:16 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2012-09-05 20:04:25 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\SI.bin [2012-09-05 18:38:09 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Grzeg0rz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-27 17:21:07 | 000,000,994 | ---- | C] () -- C:\WINDOWS\disney.ini [2012-08-07 20:51:50 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2012-07-28 22:55:13 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2012-07-28 22:55:13 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2012-07-28 22:55:13 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2012-07-12 14:10:23 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-07-08 12:12:13 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2012-07-08 12:09:15 | 000,120,279 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2012-07-07 16:46:30 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-07-07 16:45:21 | 000,115,768 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-07-07 15:08:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-07 14:56:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-07-07 14:53:01 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [color=#E56717]========== ZeroAccess Check ==========[/color] [2012-07-12 20:56:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012-04-20 20:30:26 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-02-05 18:45:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2012-09-11 15:44:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012 [2012-07-07 15:53:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-07-07 20:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-07-15 21:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2013-01-31 21:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2012-08-12 13:46:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Fallout3 [2012-07-18 09:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-07-07 19:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2012-12-22 23:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla [2013-01-31 15:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2012-11-27 20:48:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin [2013-02-02 20:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2012-07-13 22:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM [2012-10-25 17:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RELOADED [2012-12-21 11:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SplitMediaLabs [2012-09-09 20:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Synetic [2012-07-07 15:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2012-12-24 21:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2013-01-30 15:48:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WarThunder [2012-07-07 15:57:38 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2013-01-31 15:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software [2013-01-23 12:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\.minecraft [2013-02-05 18:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ashampoo [2012-12-04 21:12:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Audacity [2012-07-07 15:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\AVG2012 [2012-12-21 20:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\BESTplayer [2012-07-28 21:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\BlackBean [2012-11-17 19:08:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\CDROLLER [2013-02-08 16:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\DAEMON Tools Lite [2013-01-16 18:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\digipen [2012-08-27 18:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Disney Interactive Studios [2012-11-04 10:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\DVDVideoSoft [2012-09-05 10:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\FunnyGames [2012-07-18 09:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Gadu-Gadu 10 [2013-02-11 14:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\GG [2013-02-06 21:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\gtk-2.0 [2012-11-25 12:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Image Zone Express [2012-12-29 23:17:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\ipla [2012-07-08 10:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\LolClient [2012-07-18 10:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\LOVE [2012-07-12 14:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Nowe Gadu-Gadu [2012-11-08 19:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\OnLive App [2012-10-18 18:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Opera [2012-07-09 10:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Oracle [2012-11-05 19:55:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Origin [2012-08-04 13:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\OwnRooms [2012-08-24 21:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\runic games [2012-12-21 11:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\SplitMediaLabs [2012-07-28 18:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Stellarium [2012-09-15 13:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Tropico 3 [2013-01-27 13:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TS3Client [2012-07-31 22:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\TuneUp Software [2012-09-11 15:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Ubisoft [2012-08-20 12:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\Unity [2013-02-10 21:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\uTorrent [2012-10-16 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\wargaming.net [2012-12-08 16:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Grzeg0rz\Dane aplikacji\XnView [2012-07-10 16:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TuneUp Software [2012-07-28 22:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Dane aplikacji\TuneUp Software [2013-01-29 17:56:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser.GRZEGORZ\Dane aplikacji\TuneUp Software [color=#E56717]========== Purity Check ==========[/color] < End of report >

OTL Extras:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2013-02-11 15:23:21 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Grzeg0rz\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 79,33% Memory free 4,84 Gb Paging File | 4,35 Gb Available in Paging File | 89,91% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,66 Gb Total Space | 39,33 Gb Free Space | 40,27% Space Free | Partition Type: NTFS Drive D: | 135,22 Gb Total Space | 10,10 Gb Free Space | 7,47% Space Free | Partition Type: NTFS Computer Name: GRZEGORZ | User Name: Grzeg0rz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "56482:TCP" = 56482:TCP:*:Enabled:Pando Media Booster "56482:UDP" = 56482:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "56482:TCP" = 56482:TCP:*:Enabled:Pando Media Booster "56482:UDP" = 56482:UDP:*:Enabled:Pando Media Booster "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "80:TCP" = 80:TCP:*:Enabled:War Thunder "443:TCP" = 443:TCP:*:Enabled:War Thunder "20010:UDP" = 20010:UDP:*:Enabled:War Thunder "3478:UDP" = 3478:UDP:*:Enabled:War Thunder "7850:TCP" = 7850:TCP:*:Enabled:War Thunder "27022:TCP" = 27022:TCP:*:Enabled:War Thunder "6881:TCP" = 6881:TCP:*:Enabled:War Thunder "33333:TCP" = 33333:TCP:*:Enabled:War Thunder "20443:TCP" = 20443:TCP:*:Enabled:War Thunder "8090:TCP" = 8090:TCP:*:Enabled:War Thunder [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "I:\fscommand\CKSocketServer.exe" = I:\fscommand\CKSocketServer.exe:*:Enabled:Socket Server "C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalator AVG -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- () "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.) "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.) "D:\Program Files\uTorrent\uTorrent.exe" = D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "D:\Program Files\Orbitron\Orbitron.exe" = D:\Program Files\Orbitron\Orbitron.exe:*:Enabled:Orbitron - Satellite Tracking System -- (Sebastian Stoff) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- () "D:\Games\World_of_Tanks\WOTLauncher.exe" = D:\Games\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher -- (Wargaming.net) "D:\Games\World_of_Tanks\WorldOfTanks.exe" = D:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe" = D:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage -- (Empire Interactive Ltd.) "D:\Program Files\Ubisoft\Assassin's Creed - Brotherhood\ACBSP.exe" = D:\Program Files\Ubisoft\Assassin's Creed - Brotherhood\ACBSP.exe:*:Enabled:ACBSP -- () "D:\Program Files\WOT\WoTLauncher.exe" = D:\Program Files\WOT\WoTLauncher.exe:*:Enabled:World of Tanks Launcher -- (Wargaming.net) "D:\Program Files\WOT\WorldOfTanks.exe" = D:\Program Files\WOT\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net) "D:\Program Files\Steam\steamapps\common\Anomaly Warzone Earth\AnomalyWarzoneEarth.exe" = D:\Program Files\Steam\steamapps\common\Anomaly Warzone Earth\AnomalyWarzoneEarth.exe:*:Enabled:Anomaly Warzone Earth -- () "D:\Program Files\THQ\Company of Heroes\RelicCOH.exe" = D:\Program Files\THQ\Company of Heroes\RelicCOH.exe:*:Enabled:Company of Heroes -- (THQ Canada Inc.) "D:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe" = D:\Program Files\THQ\Company of Heroes\RelicDownloader\RelicDownloader.exe:*:Enabled:Relic Downloader -- (THQ Canada Inc.) "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) "C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Ochrona Sieci -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:Diagnostyka AVG 2012 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Uniwersalny skaner poczty e-mail -- (AVG Technologies CZ, s.r.o.) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0101386E-6E51-4544-A66E-26FA06FF1776}" = Heroes Over Europe "{036FD544-AED6-3F33-856D-A2292D0CF471}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PLK "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific z dodatkiem U-boat Missions "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1" = World of Tanks - Common Test "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress "{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{286C5BE9-7E61-4AC1-B674-BED333C35F73}" = AVG 2012 "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant "{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI "{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI "{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI "{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI "{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox "{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{70073F81-7201-1F4B-8111-2686B8A60F85}" = Tomb Raider - Underworld "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme "{73F9192E-A60B-47BA-809A-AE07AF507EA7}" = S.T.A.L.K.E.R. - Shadow of Chernobyl "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World "{7C77393F-8237-3825-A88A-AFAF3C69C072}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PLK "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI "{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI "{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy "{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A5EA10B8-304A-412E-8ED8-4D8488F19A49}" = AVG 2012 "{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 310.90 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI "{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update "{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter "{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI "{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp "{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch "{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI "{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EFE1AB94-5466-4B6E-BE31-FF4C115FD25D}" = Max Payne 2 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Wiedźmin "{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC "{F161A0DD-AAA9-4938-A741-ED491F77D034}" = TuneUp Utilities Language Pack (pl-PL) "{F31E509D-3597-324E-83CF-0C160B2320F0}" = Microsoft .NET Framework 3.5 Language Pack - plk "{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA "{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA "{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C" = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Alan Wake_is1" = Alan Wake "Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v10.0.15 "Assassin's Creed: Brotherhood_is1" = Assassin's Creed: Brotherhood "Audacity_is1" = Audacity 2.0.2 "AVG" = AVG 2012 "AVG Secure Search" = AVG Security Toolbar "CCleaner" = CCleaner "Company of Heroes" = Company of Heroes "FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage "Fraps" = Fraps (remove only) "Google Chrome" = Google Chrome "HP Imaging Device Functions" = HP Imaging Device Functions 7.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0 "HPExtendedCapabilities" = HP Customer cenzura! Program 7.0 "HUGO" = HUGO "ie8" = Windows Internet Explorer 8 "ipla" = ipla 2.4 "KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.70.0.1100 "Microsoft .NET Framework 3.5 Language Pack - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MWSnap 3" = MWSnap 3 "Opera 12.02.1578" = Opera 12.02 "Orbitron_is1" = Orbitron - Satellite Tracking System "PicPick" = PicPick "RegiStax 2" = RegiStax 2 .1.1 beta "Steam App 91200" = Anomaly Warzone Earth "Stellarium_is1" = Stellarium 0.11.3 "Tasker_is1" = Tasker version 3.13 "TeamSpeak 3 Client" = TeamSpeak 3 Client "The Walking Dead (c) 3_is1" = The Walking Dead (c) 3 version 1 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "Unlocker" = Unlocker 1.9.1 "uTorrent" = µTorrent "Windows Media Format Runtime" = Windows Media Format 11 runtime "WinGimp-2.0_is1" = GIMP 2.6.12-2 "WinRAR archiver" = WinRAR 4.20 (32-bitowy) "World of Warcraft" = World of Warcraft "Xbox_360_CC_Driver" = Xbox 360 Controller for Windows "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GG" = GG "RegiStax 6" = RegiStax 6 "RegiStax 6.1.0.8 update" = RegiStax 6.1.0.8 update "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2013-02-08 11:51:35 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd annoframe.dll, wersja 1.0.1.0, adres błędu 0x0006fc57. Error - 2013-02-08 11:51:48 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd annoframe.dll, wersja 1.0.1.0, adres błędu 0x0006fc57. Error - 2013-02-08 11:52:02 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd 1503startup.exe, wersja 0.0.1.0, moduł powodujący błąd view.dll, wersja 0.0.0.0, adres błędu 0x0007f47e. Error - 2013-02-08 13:16:29 | Computer Name = GRZEGORZ | Source = MsiInstaller | ID = 11935 Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 -- Błąd 1935. Wystąpił błąd podczas instalowania zestawu 'System.IdentityModel,fileVersion="3.0.4506.4037",culture="neutral",version="3.0.0.0",publicKeyToken="b77a5c561934e089",processorArchitecture="MSIL"'. Zobacz Pomoc i obsługę techniczną, aby uzyskać więcej informacji. HRESULT: 0x80070020. interfejs asemblacji: IAssemblyCacheItem, funkcja: Commit, składnik: {9BE08645-F9F8-4D7B-B945-1DC1877C6CB1} Error - 2013-02-08 13:16:33 | Computer Name = GRZEGORZ | Source = MsiInstaller | ID = 1023 Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 - nie można zainstalować aktualizacji 'KB2756918'. Kod błędu 1603. Dodatkowe informacje są dostępne w pliku dziennika C:\WINDOWS\system32\config\SYSTEM~1\USTAWI~1\Temp\Microsoft .NET Framework 3.0-KB2756918_20130208_171619359-Msi0.txt. Error - 2013-02-08 13:16:34 | Computer Name = GRZEGORZ | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2756918, P2 1045, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 1935. Error - 2013-02-10 15:32:09 | Computer Name = GRZEGORZ | Source = Application Error | ID = 1000 Description = Aplikacja powodująca błąd svchost.exe, wersja 5.1.2600.5512, moduł powodujący błąd wiaservc.dll, wersja 5.1.2600.5512, adres błędu 0x000223dd. Error - 2013-02-11 09:14:00 | Computer Name = GRZEGORZ | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AdwCleaner.exe, wersja 2.1.1.2, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2013-02-11 09:15:02 | Computer Name = GRZEGORZ | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca AdwCleaner.exe, wersja 2.1.1.2, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. Error - 2013-02-11 09:16:28 | Computer Name = GRZEGORZ | Source = Application Hang | ID = 1002 Description = Aplikacja zawieszająca adwcleaner (1).exe, wersja 2.1.1.2, moduł zawieszenia hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000. [ System Events ] Error - 2013-02-08 13:16:35 | Computer Name = GRZEGORZ | Source = Windows Update Agent | ID = 20 Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja zabezpieczeń dla programu Microsoft .NET Framework 3.0 z dodatkiem SP2 w systemach Windows Server 2003 i Windows XP x86 (KB2756918). Error - 2013-02-10 12:11:56 | Computer Name = GRZEGORZ | Source = System Error | ID = 1003 Description = Kod błędu 1000008e, parametr 1 c0000005, parametr 2 bf8488a2, parametr 3 ae6afae4, parametr 4 00000000. Error - 2013-02-10 15:32:14 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Windows Image Acquisition (WIA) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Driver Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Pml Driver HPZ12 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa vToolbarUpdater14.1.7 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 09:17:18 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa TuneUp Utilities Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 10:20:52 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Driver Helper Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 10:20:52 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa Pml Driver HPZ12 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2013-02-11 10:20:52 | Computer Name = GRZEGORZ | Source = Service Control Manager | ID = 7034 Description = Usługa TuneUp Utilities Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >

**Posty:** 4765 · przez **ordynat** 11 Lut 2013, 16:32

Do Notatnika wklej:

Kod: Zaznacz wszystko: Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-1757981266-1604221776-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

Z Menu Notatnika >> Plik >> Zapisz jako >> Ustaw rozszerzenie na Wszystkie pliki >> Zapisz jako> FIX.REG >>
plik uruchom (dwuklik i OK).

W Adw-Cleaner kliknij na przycisk Odinstaluj
W OTL kliknij na przycisk Sprzątanie - to go usunie razem z jego Kwarantanną.
.

**Posty:** 253 · przez **Aragorn160** 12 Lut 2013, 19:35

Problem rozwiązany. Dziękuję za pomoc :wink:

Kto jest na forum