Proszę o sprawdzenie loga-trojan.fakealert

[agata.dc]

Kod: Zaznacz wszystko

[code]OTL logfile created on: 2/7/2011 3:37:52 PM - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\oem\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58.22 Gb Total Space | 27.14 Gb Free Space | 46.62% Space Free | Partition Type: NTFS
Drive D: | 160.02 Gb Total Space | 16.06 Gb Free Space | 10.04% Space Free | Partition Type: NTFS

Computer Name: OEM-KOMPUTER | User Name: oem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/02/06 23:32:08 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
PRC - [2010/07/04 19:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010/04/26 10:06:44 | 000,096,112 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\Office Live\OfficeLiveSignIn.exe
PRC - [2010/01/13 23:45:58 | 001,552,736 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2009/08/17 17:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/07/24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/23 01:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/16 18:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/06/24 20:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2009/05/18 23:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 19:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 04:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/07/19 03:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2008/03/20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\gg.exe
PRC - [2007/11/30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [1999/10/30 15:03:44 | 000,352,768 | ---- | M] (Young Digital Poland) -- C:\Program Files (x86)\YDP\YdpDict\Watch.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011/02/06 23:32:08 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2006/12/21 13:30:44 | 000,102,400 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files (x86)\Gadu-Gadu\ggwhook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009/09/17 19:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/10 01:32:52 | 000,128,224 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service)
SRV:[b]64bit:[/b] - [2009/06/25 23:48:27 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010/09/13 20:30:43 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010/09/13 20:30:41 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2010/04/27 03:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:[b]64bit:[/b] - [2010/04/27 03:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:[b]64bit:[/b] - [2010/04/27 03:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:[b]64bit:[/b] - [2010/03/07 23:03:21 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2009/10/05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/17 07:00:11 | 000,068,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009/07/17 07:00:11 | 000,029,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009/07/14 01:09:49 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023.sys -- (USB_RNDIS)
DRV:[b]64bit:[/b] - [2009/07/09 09:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2009/06/26 00:24:29 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/06/18 20:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:[b]64bit:[/b] - [2009/06/12 12:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/05 11:53:42 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2009/06/05 11:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2009/05/22 23:52:29 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/05/18 18:27:08 | 000,343,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SRS_PremiumSound_amd64.sys -- (SRS_PremiumSound_Service)
DRV:[b]64bit:[/b] - [2009/05/13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009/05/05 15:00:27 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:[b]64bit:[/b] - [2008/12/08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2008/05/24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:[b]64bit:[/b] - [2008/04/07 07:00:45 | 000,007,168 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CRFILTER.sys -- (CRFILTER)
DRV:[b]64bit:[/b] - [2007/07/24 19:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/burn4free/{2D49D433-1F8F-4B9A-AC8C-880E00B2FC4A}
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/
IE - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.3.3
FF - prefs.js..extensions.enabledItems: {9d81af43-de53-48d0-a199-42c2a226b24c}:3.2.3.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "http://www.bigseekpro.com/search/toolbar/burn4free/{2D49D433-1F8F-4B9A-AC8C-880E00B2FC4A}?q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/18 19:50:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/14 12:54:31 | 000,000,000 | ---D | M]

[2010/03/15 01:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\oem\AppData\Roaming\mozilla\Extensions
[2011/01/08 21:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions
[2010/12/30 16:39:57 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/11/26 00:12:29 | 000,000,000 | ---D | M] (Softonic Deutsch FF Community Toolbar) -- C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
[2010/12/09 23:34:37 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/11/26 00:12:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\engine@conduit.com
[2011/01/02 12:56:46 | 000,000,873 | ---- | M] () -- C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\urckiko3.default\searchplugins\conduit.xml
[2010/11/12 13:27:10 | 000,002,376 | ---- | M] () -- C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\urckiko3.default\searchplugins\search.xml
[2011/01/05 18:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010/06/18 00:35:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/08 12:30:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2010/01/16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2010/01/16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2010/01/16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2010/01/16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010/01/16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\ProgramData\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1925578532-4271527490-101651611-1000..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\oem\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\oem\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\oem\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\oem\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\..Trusted Domains: p2mforum.info ([]https in Zaufane witryny)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.5
O18:[b]64bit:[/b] - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7debf458-529b-11df-8ed3-90e6ba858d2f}\Shell - "" = AutoRun
O33 - MountPoints2\{7debf458-529b-11df-8ed3-90e6ba858d2f}\Shell\AutoRun\command - "" = F:\Install.exe
O33 - MountPoints2\{b321a530-2a35-11df-a952-90e6ba858d2f}\Shell - "" = AutoRun
O33 - MountPoints2\{b321a530-2a35-11df-a952-90e6ba858d2f}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011/02/07 00:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/02/07 00:22:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/02/06 23:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ToniArts
[2011/02/06 23:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCleaner
[2011/02/06 23:54:12 | 002,951,802 | ---- | C] (InstallShield Software Corporation) -- C:\Users\oem\Desktop\EClea2_0.exe
[2011/02/06 23:31:52 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
[2011/02/06 22:51:37 | 000,000,000 | ---D | C] -- C:\Users\oem\AppData\Roaming\Malwarebytes
[2011/02/06 22:51:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/02/06 22:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/06 22:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/02/06 22:51:21 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/02/06 22:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/01/30 20:38:15 | 000,000,000 | ---D | C] -- C:\Users\oem\AppData\Roaming\Thinstall
[2011/01/30 20:38:10 | 007,902,916 | ---- | C] (Young Digital Poland) -- C:\Users\oem\Desktop\Słownik Collinsa 2.5 PL.exe
[2011/01/30 20:38:10 | 000,000,000 | ---D | C] -- C:\Users\oem\Desktop\Słownik Collinsa v2.5 PL - PORTABLE
[2011/01/25 20:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mp3DirectCut
[2011/01/12 18:13:16 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/01/12 18:13:16 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/01/12 18:13:13 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011/01/12 18:13:12 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/01/12 18:13:12 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011/01/12 18:13:12 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/01/12 18:13:12 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/01/12 18:13:11 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011/01/12 18:13:11 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011/01/12 18:13:10 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011/01/12 18:13:10 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/01/12 18:13:10 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/01/12 18:13:09 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011/01/12 18:13:09 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/01/12 18:13:09 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/01/12 18:13:09 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011/01/12 18:13:08 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011/01/12 18:13:08 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/01/12 18:13:08 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011/01/12 18:13:08 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011/01/12 18:13:07 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011/01/12 18:13:07 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011/01/12 18:13:07 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011/01/12 18:13:07 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011/01/12 18:13:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/01/12 18:13:07 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011/01/12 18:13:07 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/01/12 18:13:07 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/01/12 18:13:07 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2008/08/12 05:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011/02/07 15:39:59 | 004,456,448 | -HS- | M] () -- C:\Users\oem\ntuser.dat
[2011/02/07 15:32:04 | 000,072,192 | ---- | M] () -- C:\Users\oem\Desktop\Lista_uczelni_Erasmusa_2011_2012_SM.xls
[2011/02/07 15:23:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/07 12:12:07 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/07 12:12:07 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/07 12:04:54 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011/02/07 12:04:40 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/07 01:17:05 | 003,246,837 | -H-- | M] () -- C:\Users\oem\AppData\Local\IconCache.db
[2011/02/07 00:28:24 | 000,217,488 | ---- | M] () -- C:\Users\oem\Desktop\SPTDinst-v176-x64.exe
[2011/02/07 00:25:06 | 001,029,290 | ---- | M] () -- C:\Users\oem\Documents\cckopiazapasowa_20110207_002416.reg
[2011/02/07 00:22:49 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/02/06 23:54:18 | 002,951,802 | ---- | M] (InstallShield Software Corporation) -- C:\Users\oem\Desktop\EClea2_0.exe
[2011/02/06 23:37:26 | 000,065,536 | -HS- | M] () -- C:\Users\oem\ntuser.dat{a59cbe99-3212-11e0-bd29-90e6ba858d2f}.TM.blf
[2011/02/06 23:37:25 | 000,524,288 | -HS- | M] () -- C:\Users\oem\ntuser.dat{a59cbe99-3212-11e0-bd29-90e6ba858d2f}.TMContainer00000000000000000002.regtrans-ms
[2011/02/06 23:37:25 | 000,524,288 | -HS- | M] () -- C:\Users\oem\ntuser.dat{a59cbe99-3212-11e0-bd29-90e6ba858d2f}.TMContainer00000000000000000001.regtrans-ms
[2011/02/06 23:32:08 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\oem\Desktop\OTL.exe
[2011/02/06 23:26:23 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[2011/02/06 22:51:27 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 22:39:33 | 000,071,108 | ---- | M] () -- C:\Users\oem\Desktop\fce.zip
[2011/02/06 22:39:16 | 000,381,796 | ---- | M] () -- C:\Users\oem\Desktop\deutsch_im_buro.zip
[2011/02/06 20:54:47 | 001,536,718 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/06 20:54:47 | 000,692,322 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011/02/06 20:54:47 | 000,611,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/06 20:54:47 | 000,133,892 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011/02/06 20:54:47 | 000,105,512 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/06 19:37:15 | 000,016,347 | ---- | M] () -- C:\Users\oem\Desktop\Formularz zgłoszeniowy - program Erasmus.htm
[2011/02/06 18:01:03 | 269,929,294 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/02/04 18:00:47 | 015,053,834 | ---- | M] () -- C:\Users\oem\Desktop\Get Far - Free (Muzzaik Remix).mp3
[2011/02/03 01:32:09 | 000,000,186 | ---- | M] () -- C:\Windows\YdpDict.ini
[2011/02/01 22:38:27 | 014,966,784 | ---- | M] () -- C:\Users\oem\Desktop\01-dj_gregory-damelo_-_3A_-_125_99.mp3
[2011/02/01 22:28:55 | 016,351,608 | ---- | M] () -- C:\Users\oem\Desktop\KRS One & Microfunk - Sound Of Da Pecan (Riva Starr Rechunk).mp3
[2011/01/30 23:57:07 | 046,424,423 | ---- | M] () -- C:\Users\oem\Desktop\PeeterVee & Ambra Club Promo mix Luty 2011.mp3
[2011/01/30 16:10:22 | 000,147,182 | ---- | M] () -- C:\Users\oem\Desktop\Economics_of_Digital_Bundling_The_Impacts_of_Digitization_on_the_Music_Industry.pdf
[2011/01/30 16:07:57 | 000,213,566 | ---- | M] () -- C:\Users\oem\Desktop\An_Economic_and_Legal_Analysis_of_the_Effect_of_Digital_Technology_on_the_Music_Industry.pdf
[2011/01/30 00:09:41 | 000,070,616 | ---- | M] () -- C:\Users\oem\Desktop\2e881e4b204e117097ecd559b09f81a1.jpg
[2011/01/25 20:31:56 | 003,632,862 | ---- | M] () -- C:\Users\oem\Desktop\Angus & Julia Stone - You're the one that I want - Rolling Session#12 Track 02.mp3
[2011/01/25 20:31:56 | 000,135,816 | ---- | M] () -- C:\Users\oem\Desktop\Angus & Julia Stone - You're the one that I want - Rolling Session#12 Track 01.mp3
[2011/01/25 20:25:21 | 000,001,061 | ---- | M] () -- C:\Users\oem\Desktop\mp3DirectCut.lnk
[2011/01/25 20:04:27 | 017,452,888 | ---- | M] () -- C:\Users\oem\Desktop\Arado & Den Ishu - Uganda Express (Original Mix) [4clubber.pl].mp3
[2011/01/23 02:13:53 | 000,059,024 | ---- | M] () -- C:\Users\oem\Desktop\25540_379430381355_365431991355_4287956_7079624_n.jpg
[2011/01/23 02:09:17 | 000,036,632 | ---- | M] () -- C:\Users\oem\Desktop\28092_395833931355_365431991355_4687057_4468523_n.jpg
[2011/01/23 02:08:20 | 000,082,388 | ---- | M] () -- C:\Users\oem\Desktop\28292_401959406355_365431991355_4860484_3482646_n.jpg
[2011/01/10 19:38:51 | 000,123,671 | ---- | M] () -- C:\Users\oem\Desktop\luis-royo-observer-1--large-msg-12034431818.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/02/07 00:28:22 | 000,217,488 | ---- | C] () -- C:\Users\oem\Desktop\SPTDinst-v176-x64.exe
[2011/02/07 00:24:30 | 001,029,290 | ---- | C] () -- C:\Users\oem\Documents\cckopiazapasowa_20110207_002416.reg
[2011/02/07 00:22:49 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/02/06 23:26:23 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl
[2011/02/06 22:51:27 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 22:39:33 | 000,071,108 | ---- | C] () -- C:\Users\oem\Desktop\fce.zip
[2011/02/06 22:39:13 | 000,381,796 | ---- | C] () -- C:\Users\oem\Desktop\deutsch_im_buro.zip
[2011/02/06 19:37:14 | 000,016,347 | ---- | C] () -- C:\Users\oem\Desktop\Formularz zgłoszeniowy - program Erasmus.htm
[2011/02/06 18:01:19 | 000,524,288 | -HS- | C] () -- C:\Users\oem\ntuser.dat{a59cbe99-3212-11e0-bd29-90e6ba858d2f}.TMContainer00000000000000000002.regtrans-ms
[2011/02/06 18:01:18 | 000,524,288 | -HS- | C] () -- C:\Users\oem\ntuser.dat{a59cbe99-3212-11e0-bd29-90e6ba858d2f}.TMContainer00000000000000000001.regtrans-ms
[2011/02/06 18:01:18 | 000,065,536 | -HS- | C] () -- C:\Users\oem\ntuser.dat{a59cbe99-3212-11e0-bd29-90e6ba858d2f}.TM.blf
[2011/02/06 18:01:03 | 269,929,294 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/02/04 18:00:43 | 015,053,834 | ---- | C] () -- C:\Users\oem\Desktop\Get Far - Free (Muzzaik Remix).mp3
[2011/02/01 22:38:26 | 014,966,784 | ---- | C] () -- C:\Users\oem\Desktop\01-dj_gregory-damelo_-_3A_-_125_99.mp3
[2011/02/01 22:28:31 | 016,351,608 | ---- | C] () -- C:\Users\oem\Desktop\KRS One & Microfunk - Sound Of Da Pecan (Riva Starr Rechunk).mp3
[2011/01/30 23:57:07 | 046,424,423 | ---- | C] () -- C:\Users\oem\Desktop\PeeterVee & Ambra Club Promo mix Luty 2011.mp3
[2011/01/30 16:10:21 | 000,147,182 | ---- | C] () -- C:\Users\oem\Desktop\Economics_of_Digital_Bundling_The_Impacts_of_Digitization_on_the_Music_Industry.pdf
[2011/01/30 16:07:46 | 000,213,566 | ---- | C] () -- C:\Users\oem\Desktop\An_Economic_and_Legal_Analysis_of_the_Effect_of_Digital_Technology_on_the_Music_Industry.pdf
[2011/01/30 00:11:14 | 000,070,616 | ---- | C] () -- C:\Users\oem\Desktop\2e881e4b204e117097ecd559b09f81a1.jpg
[2011/01/25 20:31:56 | 003,632,862 | ---- | C] () -- C:\Users\oem\Desktop\Angus & Julia Stone - You're the one that I want - Rolling Session#12 Track 02.mp3
[2011/01/25 20:31:56 | 000,135,816 | ---- | C] () -- C:\Users\oem\Desktop\Angus & Julia Stone - You're the one that I want - Rolling Session#12 Track 01.mp3
[2011/01/25 20:25:21 | 000,001,061 | ---- | C] () -- C:\Users\oem\Desktop\mp3DirectCut.lnk
[2011/01/25 20:04:20 | 017,452,888 | ---- | C] () -- C:\Users\oem\Desktop\Arado & Den Ishu - Uganda Express (Original Mix) [4clubber.pl].mp3
[2011/01/24 19:02:52 | 000,072,192 | ---- | C] () -- C:\Users\oem\Desktop\Lista_uczelni_Erasmusa_2011_2012_SM.xls
[2011/01/23 02:14:10 | 000,059,024 | ---- | C] () -- C:\Users\oem\Desktop\25540_379430381355_365431991355_4287956_7079624_n.jpg
[2011/01/23 02:09:45 | 000,082,388 | ---- | C] () -- C:\Users\oem\Desktop\28292_401959406355_365431991355_4860484_3482646_n.jpg
[2011/01/23 02:09:25 | 000,036,632 | ---- | C] () -- C:\Users\oem\Desktop\28092_395833931355_365431991355_4687057_4468523_n.jpg
[2011/01/10 19:39:03 | 000,123,671 | ---- | C] () -- C:\Users\oem\Desktop\luis-royo-observer-1--large-msg-12034431818.jpg
[2010/08/20 08:08:31 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2010/05/06 18:01:12 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\TempuK5064.html
[2010/05/06 18:01:12 | 000,000,000 | ---- | C] () -- C:\Users\oem\AppData\Local\TempFT5064.html
[2010/05/03 12:47:59 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/05/03 12:41:09 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/04/28 09:23:00 | 002,729,472 | ---- | C] () -- C:\Windows\SysWow64\fun_avcodec.dll
[2010/04/27 19:36:54 | 000,000,167 | ---- | C] () -- C:\Windows\usdthank.ini
[2010/04/27 19:36:54 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini
[2010/04/18 20:25:23 | 000,021,052 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010/04/18 20:25:23 | 000,015,144 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010/04/18 20:25:23 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010/04/18 20:25:22 | 000,000,186 | ---- | C] () -- C:\Windows\YdpDict.ini
[2010/03/30 20:09:59 | 000,005,632 | ---- | C] () -- C:\Users\oem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/20 13:44:34 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/03/13 18:08:09 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/03/13 18:08:08 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/03/13 18:08:05 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/03/13 18:08:05 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/03/13 18:08:02 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010/03/13 18:08:01 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/03/07 23:09:51 | 000,000,709 | ---- | C] () -- C:\Windows\CoD.INI
[2010/03/07 22:40:42 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/03/07 12:48:06 | 000,002,432 | ---- | C] () -- C:\Users\oem\AppData\Local\TempFc4940.html
[2010/03/07 12:48:06 | 000,002,089 | ---- | C] () -- C:\Users\oem\AppData\Local\TempWa4940.html
[2010/03/07 00:56:26 | 003,246,837 | -H-- | C] () -- C:\Users\oem\AppData\Local\IconCache.db
[2010/02/01 17:29:01 | 000,119,224 | ---- | C] () -- C:\Users\oem\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/10/22 09:23:08 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/10/22 08:59:48 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/10/22 08:59:20 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2009/08/19 09:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009/07/14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009/07/14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009/07/14 03:34:57 | 000,000,524 | ---- | C] () -- C:\Windows\win.ini
[2009/07/14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/08 18:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/06/12 17:34:50 | 000,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2003/04/08 11:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010/10/23 15:45:03 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\BESTplayer
[2010/03/07 23:09:44 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\DAEMON Tools Lite
[2010/12/09 23:34:05 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\DVDVideoSoft
[2010/12/09 23:34:37 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/03/07 14:21:39 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Gadu-Gadu
[2010/03/07 12:44:48 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Gadu-Gadu 10
[2010/05/17 19:49:25 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\PhotoFiltre
[2010/12/11 17:12:11 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Samsung
[2011/01/30 20:38:15 | 000,000,000 | ---D | M] -- C:\Users\oem\AppData\Roaming\Thinstall
[2010/12/16 15:26:36 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 24 bytes -> C:\Windows:6C7057E77732DEE5

< End of report >[/code]






OTL Extras logfile created on: 2/7/2011 3:37:52 PM - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\oem\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58.22 Gb Total Space | 27.14 Gb Free Space | 46.62% Space Free | Partition Type: NTFS
Drive D: | 160.02 Gb Total Space | 16.06 Gb Free Space | 10.04% Space Free | Partition Type: NTFS

Computer Name: OEM-KOMPUTER | User Name: oem | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1925578532-4271527490-101651611-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{4BDE1305-35D5-56F3-8B91-5BF29A8DB939}" = ATI Catalyst Install Manager
"{5F0C3F07-B6EF-C641-C4BD-7E202A194121}" = ccc-utility64
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{877924AA-E044-4266-B37D-E974CD799934}" = Bonjour
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-0424-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovenian) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95F7B3C3-3D4C-471B-982A-76DB26E0EA2B}" = Bezpieczeństwo rodzinne usługi Windows Live
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Asystent rejestrowania za pomocą identyfikatora Windows Live
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"WinRAR archiver" = Archiwizator WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0824E481-EB8E-A53B-5CA6-6EC82B29240F}" = CCC Help Russian
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live
"{13581A3D-28FF-4DDC-0E6D-E585F4E432AE}" = CCC Help Korean
"{1967D67C-6F3F-4001-9644-BAC704F7EE84}" = Samsung PC Studio
"{1A786741-2D69-38F8-25A0-87D483FF893F}" = CCC Help French
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger
"{35BEFF48-53E9-C955-5D24-D9F207C82954}" = CCC Help Portuguese
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live
"{43923CFF-E3EF-EC15-8F7A-D50F11AC8E38}" = Catalyst Control Center Core Implementation
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A5943DD-F562-48C0-BC11-7F0442B0CBF7}" = Windows Live Toolbar
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{552636E5-1274-9229-10A6-EE56638524D3}" = CCC Help German
"{5A186C42-F699-1207-7D8B-034120FBEFD4}" = CCC Help Dutch
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{724015FC-1175-CE89-667E-5C715EEB5052}" = CCC Help Italian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78704F80-9845-BA22-DD52-DF1F88D8C8E8}" = CCC Help Czech
"{78CDB125-7541-33BA-11E0-55CF7346FD9D}" = CCC Help Chinese Standard
"{7A4A6C58-C772-DEB7-ADE5-7AA3D8393FDA}" = CCC Help English
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7F6ED92F-459D-E40B-BD80-B87B3E852C0A}" = Catalyst Control Center Graphics Previews Vista
"{80E91367-66B4-9D48-D78E-17C3B5AFB83C}" = Catalyst Control Center Graphics Light
"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C99425-1095-A10F-8622-D949180EFA83}" = CCC Help Norwegian
"{86209DE5-0642-1ADA-3060-0698374B84A1}" = CCC Help Danish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0015-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-0019-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001A-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{077B54FF-6531-42E7-9D6A-93B0B029CFA0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{CAC07BC7-D855-4A94-B1DB-5154D99BFBE0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROHYBRIDR_{C9CC66D9-D7D3-46C1-A485-9601E4DE8D28}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROHYBRIDR_{6E8DFF8D-F7D1-4451-952A-61CAB73A59E2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0424-1000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{B3C14F81-2C4A-400D-9ECE-55A667F8F737}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-006E-0424-0000-0000000FF1CE}_PROHYBRIDR_{5983F0B6-A661-4378-AEA8-9EB1992D2FB0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9091F4E3-6A00-562A-DDF6-ECB1704F45B2}" = CCC Help Spanish
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{914544F7-4EB6-9F54-6217-D76997EB9E06}" = Catalyst Control Center InstallProxy
"{97635F88-6774-7C96-B872-A4949A4FE06B}" = ccc-core-static
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3E59DE5-46A8-68FB-7A2E-4507D2B7C1EC}" = Catalyst Control Center Localization All
"{A765D3FB-AE33-FAA0-E725-21E6558D8147}" = CCC Help Finnish
"{A8033DE8-2D2C-8730-5D35-8800C92560DE}" = CCC Help Polish
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.1 - Polish
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEAC0128-8947-0E77-860F-3BD0735F31E5}" = CCC Help Turkish
"{B8D52C7C-9460-7F82-C092-C0197B1138A1}" = CCC Help Swedish
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF192C65-04BE-3F5D-632F-51132799CDE0}" = Catalyst Control Center Graphics Full New
"{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync
"{C50ED22A-B0D3-16D8-BE55-947DA0E6F986}" = CCC Help Thai
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D0809476-5FF0-7724-27CB-BE73D216624A}" = CCC Help Hungarian
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live
"{DB5C5CB4-3519-1D95-EF98-0356ABFAFAF8}" = CCC Help Japanese
"{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer
"{E52C74AA-4E7E-51ED-B738-0D24922BE597}" = Catalyst Control Center Graphics Full Existing
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F71AA0EC-15E4-6F63-3C9C-7E8D8D756EC5}" = CCC Help Chinese Traditional
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FEE0F194-7D6C-A7BF-F12E-96ABE64F5132}" = CCC Help Greek
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Call of Duty" = Call of Duty
"conduitEngine" = Conduit Engine
"FormatFactory" = FormatFactory 2.60
"FREE Hi-Q Recorder_is1" = FREE Hi-Q Recorder 1.92
"Free Studio_is1" = Free Studio version 5.0.2
"Gadu-Gadu" = Gadu-Gadu 7.7
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MoorHunt_is1" = MoorHunt 0.6.7.2
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PROHYBRIDR" = 2007 Microsoft Office system
"RealAlt_is1" = Real Alternative 2.0.0
"Softonic_Deutsch_FF Toolbar" = Softonic Deutsch FF Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"Vodafone WCDMA Composite Device Drive" = Vodafone WCDMA Composite Device Drive Software
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Podstawowe programy Windows Live
"YdpDict200" = Słownik YDP (niemiecko-polski, polsko-niemiecki)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-1925578532-4271527490-101651611-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 12/16/2010 2:32:38 PM | Computer Name = oem-Komputer | Source = .NET Runtime Optimization Service | ID = 1111
Description =

Error - 12/16/2010 7:31:07 PM | Computer Name = oem-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku
zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll"
w wierszu 3.  Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 12/16/2010 7:33:13 PM | Computer Name = oem-Komputer | Source = SideBySide | ID = 16842811
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\microsoft\search
enhancement pack\search helper\sepsearchhelperie.dll". Błąd w pliku manifestu lub
w pliku zasad "c:\program files (x86)\microsoft\search enhancement pack\search
helper\sepsearchhelperie.dll" w wierszu 2.  Nieprawidłowa składnia XML.

Error - 12/17/2010 1:31:59 AM | Computer Name = oem-Komputer | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 12/17/2010 7:26:19 AM | Computer Name = oem-Komputer | Source = .NET Runtime Optimization Service | ID = 1111
Description =

Error - 12/17/2010 7:26:21 AM | Computer Name = oem-Komputer | Source = .NET Runtime Optimization Service | ID = 1111
Description =

Error - 12/17/2010 1:14:13 PM | Computer Name = oem-Komputer | Source = .NET Runtime Optimization Service | ID = 1111
Description =

Error - 12/17/2010 1:14:14 PM | Computer Name = oem-Komputer | Source = .NET Runtime Optimization Service | ID = 1111
Description =

Error - 12/18/2010 6:06:20 AM | Computer Name = oem-Komputer | Source = .NET Runtime Optimization Service | ID = 1111
Description =

Error - 12/18/2010 6:06:22 AM | Computer Name = oem-Komputer | Source = .NET Runtime Optimization Service | ID = 1111
Description =

[ System Events ]
Error - 2/6/2011 7:39:04 PM | Computer Name = oem-Komputer | Source = Application Popup | ID = 1060
Description = Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało
zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania
w celu uzyskania zgodnej wersji sterownika.

Error - 2/6/2011 7:39:27 PM | Computer Name = oem-Komputer | Source = Application Popup | ID = 875
Description = Sterownik atksgt.sys został zablokowany dla ładowania.

Error - 2/6/2011 7:39:27 PM | Computer Name = oem-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi atksgt z powodu następującego błędu:   %%1275

Error - 2/6/2011 7:39:30 PM | Computer Name = oem-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   cdrom  StarOpen

Error - 2/7/2011 7:04:37 AM | Computer Name = oem-Komputer | Source = Application Popup | ID = 1060
Description = Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało
zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania
w celu uzyskania zgodnej wersji sterownika.

Error - 2/7/2011 7:04:55 AM | Computer Name = oem-Komputer | Source = Application Popup | ID = 875
Description = Sterownik atksgt.sys został zablokowany dla ładowania.

Error - 2/7/2011 7:04:55 AM | Computer Name = oem-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi atksgt z powodu następującego błędu:   %%1275

Error - 2/7/2011 7:05:00 AM | Computer Name = oem-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   cdrom  StarOpen

Error - 2/7/2011 9:02:47 AM | Computer Name = oem-Komputer | Source = Microsoft-Windows-HAL | ID = 12
Description = Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci
podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność
zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu.

Error - 2/7/2011 10:04:48 AM | Computer Name = oem-Komputer | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi lmhosts.


< End of report >

Program Malwarebytes znalazł mi wczoraj Trojan.FakeAlert, który obecnie w znajduje sie w kwarantannie ww. programie. W systemie trojan ten
jest w c:\Users\oem\AppData\Local\Temp\nsk2AAB.tmp\NSISdlGG.dll

Wykonałam skanowanie OTLem z tym, że miałam wczesniej zainstalowaego Daemona i po odinstalowaniu w autostarcie nadal wyskakiwał Daemon Tools Lite i w liscie programów do odinstalowania nie było tego Daemona, więc usunełam klucz tego z rejestru autostartu ale nie wiem czy gdzieś wciąż nie siedzi. a co do tego SPDT też był problem, gdyż po ściągnięciu instalatora dla mojej wersji systemu czyli 64 bit
instalacja nie rozpoczyna się tylko wyskakuje bład, że ten program nie jest prawidłową aplikacją systemu Win32.
Mimo to zamieszczam logi...

[wojtas]

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.3.3
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "http://www.bigseekpro.com/search/toolbar/burn4free/{2D49D433-1F8F-4B9A-AC8C-880E00B2FC4A}?q="
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1925578532-4271527490-101651611-1000\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Program Files (x86)\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
@Alternate Data Stream - 24 bytes -> C:\Windows:6C7057E77732DEE5

:Files
C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\{9d81af43-de53-48d0-a199-42c2a226b24c}
C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
C:\Users\oem\AppData\Roaming\mozilla\Firefox\Profiles\urckiko3.default\extensions\engine@conduit.com
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\urckiko3.default\searchplugins\conduit.xml
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\urckiko3.default\searchplugins\search.xml
C:\Program Files (x86)\ConduitEngine
C:\Users\oem\AppData\Local\Temp*.html

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[emptyflash]

Kliknij wykonaj skrypt. I potwierdź reset komputera .



*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
* Skasuj stan przywracania systemu


Zaktualizuj zabezpieczenia:
>>> Adobe Reader (bez Free McAfee® Security Scan Plus)
>>> Java™ 6 Update 23
>>> Mozilla Firefox