• Ogłoszenie:

Problem z działaniem routera/internetu

Bezpieczeństwo systemów, usuwanie wirusów, dobieranie programów antywirusowych. Obowiązkowe logi w tym dziale: trzy z FRST + Gmer.

Problem z działaniem routera/internetu

Postprzez Dragon2008 15 Cze 2012, 15:31

reklama
Cześć wszystkim ;).
Być może dość nieprecyzyjnie nazwałem temat, jednak innej, trafniejszej nazwy wymyślić nie potrafiłem.
Używam Windows 7. Od jakiegoś czasu mam problem z działaniem Sieci. Konkretnie np. od paru dni nie mogę wejść na stronę demotywatory.pl - długo się ładuje, aż w końcu wyświetla się informacja, że strona jest niedostępna. Korzystam głównie z Firefoxa - jednak próbowałem też w Google Chrome - sama strona demotywatory.pl wchodzi, ale po kliknięciu w lewym górnym logu na "Zalouj się" jest to samo - długo się ładuje, po czym otrzymuję błąd:
Kod: Zaznacz wszystko
Brak odebranych danych
Nie można wczytać strony internetowej, ponieważ serwer nie wysłał danych.
Oto kilka propozycji:
Ponownie załaduj tę stronę internetową później.
Błąd 324 (net::ERR_EMPTY_RESPONSE): Serwer zakończył połączenie bez wysyłania jakichkolwiek danych.
.

Nie jest to na pewno sprawa związana z moim komputerem, ponieważ próbowałem na różnych komputerach, z różnym oprogramowaniem antywirusowym itd. Gdy natomiast np. na laptopie połączę się z hotspotem WiFi z mojego Galaxy SII, strona demotywatorów chodzi bez problemu. Mam jeszcze problemy z funkcjonowaniem innych portali, takich jak MySpace (nie działa odtwarzanie muzyki). Doszedłem więc do wniosku, że to musi być coś z routerem, portami albo coś takiego. Zaniepokoiła mnie duża liczba połączeń, które widoczne są u mnie po wywałaniu polecenia netstat:

Połączeń tych jest jeszcze więcej, niż widać na screenie, jednak wyglądają one podobnie.
W ustawieniach routera nie mam podłączonych do swojej sieci żadnych obcych urządzeń, jedynie znane mi urządzenia, które zawsze korzystały w WiFi.
Dziwne, tak jak pisałem, wykluczam sprawy oprogramowania (dlatego nawet nie piszę, jakiego mam antywirusa, nie wrzucam logów systemowych itp.), bo korzystając z hotspota WiFi z sieci komórkowej wszystko działa bezproblemowo. Użyłem także programu AdwCleaner, stosując w nim opcję "Delete" - nic to nie pomogło, przynajmniej w tej kwestii, bo jakieś tam niby wpisy z rejestru i od toolbarów pokasował.

Czy ktoś wie, co można na to poradzić ?
Skromność, bez podpisu
Dragon2008
~user
 
Posty: 146
Dołączenie: 06 Kwi 2008, 11:53
Miejscowość: Grodków



Problem z działaniem routera/internetu

Postprzez Mike 15 Cze 2012, 16:42

W Start > Uruchom > cmd > ok > wpisz: nenstat > c:\netstat.txt > enter
Analogicznie w konsoli wpisz ipconfig /all > c:\ipconfig.txt

Na dysku C będziesz miał pliki nenstat.txt oraz ipconfig.txt - wklej tu ich zawartość.

Podaj model routera
Awatar użytkownika
Mike
*mod
 
Posty: 10264
Dołączenie: 16 Gru 2005, 13:30
Pochwały: 989



Problem z działaniem routera/internetu

Postprzez Dragon2008 17 Cze 2012, 13:00

Ok, wrzucam zawartość obu plików:
netstat:
Kod: Zaznacz wszystko
Aktywne poˆĄczenia

  Protok˘ˆ  Adres lokalny          Obcy adres             Stan
  TCP       127.0.0.1:1110         www:49474              OCZEKIWANIE_ZAMKN
  TCP       127.0.0.1:1110         www:49526              CZAS_OCZEKIWANIA
  TCP       127.0.0.1:1110         www:49531              OCZEKIWANIE_ZAMKN
  TCP       127.0.0.1:1110         www:49534              USTANOWIONO
  TCP       127.0.0.1:1110         www:49551              CZAS_OCZEKIWANIA
  TCP       127.0.0.1:1110         www:49569              USTANOWIONO
  TCP       127.0.0.1:1110         www:49571              USTANOWIONO
  TCP       127.0.0.1:1110         www:49573              USTANOWIONO
  TCP       127.0.0.1:1110         www:49574              USTANOWIONO
  TCP       127.0.0.1:1110         www:49575              USTANOWIONO
  TCP       127.0.0.1:1110         www:49578              USTANOWIONO
  TCP       127.0.0.1:1110         www:49580              USTANOWIONO
  TCP       127.0.0.1:1110         www:49583              USTANOWIONO
  TCP       127.0.0.1:49163        www:49164              USTANOWIONO
  TCP       127.0.0.1:49164        www:49163              USTANOWIONO
  TCP       127.0.0.1:49376        www:49377              USTANOWIONO
  TCP       127.0.0.1:49377        www:49376              USTANOWIONO
  TCP       127.0.0.1:49390        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49395        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49397        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49403        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49414        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49420        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49425        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49427        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49428        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49431        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49432        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49435        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49443        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49445        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49447        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49469        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49474        www:nfsd-status        OCZEKIWANIE_FIN__2
  TCP       127.0.0.1:49484        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49502        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49504        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49506        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       127.0.0.1:49531        www:nfsd-status        OCZEKIWANIE_FIN__2
  TCP       127.0.0.1:49534        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49569        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49571        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49573        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49574        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49575        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49578        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49580        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49583        www:nfsd-status        USTANOWIONO
  TCP       127.0.0.1:49585        www:nfsd-status        CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49158    h-app04-03:12975       USTANOWIONO
  TCP       192.168.1.100:49396    fa-in-f132:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49405    fa-in-f132:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49421    fa-in-f102:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49426    fa-in-f102:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49429    fa-in-f132:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49430    fa-in-f102:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49433    fa-in-f102:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49434    fa-in-f102:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49436    fa-in-f132:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49444    bud01s10-in-f23:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49446    bud01s10-in-f23:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49448    par03s03-in-f31:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49471    fra07s07-in-f138:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49475    OCSP:http              OCZEKIWANIE_FIN__1
  TCP       192.168.1.100:49486    fa-in-f139:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49503    217.96.43.173:https    CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49505    fra07s07-in-f113:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49507    fa-in-f139:https       CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49532    fa-in-f113:http        OCZEKIWANIE_FIN__1
  TCP       192.168.1.100:49535    muc03s01-in-f1:http    USTANOWIONO
  TCP       192.168.1.100:49538    muc03s01-in-f4:http    CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49539    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49540    ksn-msk-fe-1:https     CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49541    ksn-msk-fe-1:https     CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49542    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49543    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49544    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49547    65.55.58.195:http      CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49548    65.55.58.195:http      CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49549    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49550    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49554    64.4.11.20:http        CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49556    70.37.56.174:http      CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49557    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49558    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49560    192.221.103.254:http   CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49562    cds251:http            CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49563    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49565    cds445:http            CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49567    cds345:http            CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49568    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49570    addons-versioncheck-single1:https  USTANOWIONO
  TCP       192.168.1.100:49572    addons-star:https      USTANOWIONO
  TCP       192.168.1.100:49576    addons-versioncheck-single1:https  USTANOWIONO
  TCP       192.168.1.100:49577    addons-versioncheck-single1:https  USTANOWIONO
  TCP       192.168.1.100:49579    addons-versioncheck-single1:https  USTANOWIONO
  TCP       192.168.1.100:49581    addons-versioncheck-single1:https  USTANOWIONO
  TCP       192.168.1.100:49582    addons-versioncheck-single1:https  USTANOWIONO
  TCP       192.168.1.100:49584    supporters:https       USTANOWIONO
  TCP       192.168.1.100:49587    130.117.190.231:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49588    130.117.190.213:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49589    130.117.190.213:https  CZAS_OCZEKIWANIA
  TCP       192.168.1.100:49590    130.117.190.213:https  CZAS_OCZEKIWANIA


ipconfig:
Kod: Zaznacz wszystko
Konfiguracja IP systemu Windows

   Nazwa hosta . . . . . . . . . . . : Dragon-Komputer
   Sufiks podstawowej domeny DNS . . :
   Typ w©zˆa . . . . . . . . . . . . : Hybrydowy
   Routing IP wˆĄczony . . . . . . . : Nie
   Serwer WINS Proxy wˆĄczony. . . . : Nie

Karta Ethernet PoˆĄczenie lokalne 2:

   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : TP-LINK TF-3200 10/100 Fast Ethernet Adapter
   Adres fizyczny. . . . . . . . . . : 94-0C-6D-84-C3-B7
   DHCP wˆĄczone . . . . . . . . . . : Tak
   Autokonfiguracja wˆĄczona . . . . : Tak
   Adres IPv6 poˆĄczenia lokalnego . : fe80::b529:57ba:cdda:c1b3%15(Preferowane)
   Adres IPv4. . . . . . . . . . . . . : 192.168.1.100(Preferowane)
   Maska podsieci. . . . . . . . . . : 255.255.255.0
   Dzierľawa uzyskana. . . . . . . . : 17 czerwca 2012 12:50:44
   Dzierľawa wygasa. . . . . . . . . : 18 czerwca 2012 12:50:44
   Brama domy˜lna. . . . . . . . . . : 192.168.1.1
   Serwer DHCP . . . . . . . . . . . : 192.168.1.1
   Identyfikator IAID DHCPv6 . . . . : 445910125
   Identyfikator DUID klienta DHCPv6 : 00-01-00-01-14-81-DF-61-00-1F-D0-84-AF-01
   Serwery DNS . . . . . . . . . . . : 192.168.1.1
   NetBIOS przez Tcpip . . . . . . . : WˆĄczony

Karta Ethernet PoˆĄczenie lokalne:

   Stan no˜nika . . . .  . . . . . . .: No˜nik odˆĄczony
   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Adres fizyczny. . . . . . . . . . : 00-1F-D0-84-AF-01
   DHCP wˆĄczone . . . . . . . . . . : Tak
   Autokonfiguracja wˆĄczona . . . . : Tak

Karta Ethernet Hamachi:

   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Hamachi Network Interface
   Adres fizyczny. . . . . . . . . . : 7A-79-05-A0-70-37
   DHCP wˆĄczone . . . . . . . . . . : Tak
   Autokonfiguracja wˆĄczona . . . . : Tak
   Adres IPv6. . . . . . . . . . . . : 2620:9b::5a0:7037(Preferowane)
   Adres IPv6 poˆĄczenia lokalnego . : fe80::a894:9eeb:a7f1:4d49%18(Preferowane)
   Adres IPv4. . . . . . . . . . . . . : 5.160.112.55(Preferowane)
   Maska podsieci. . . . . . . . . . : 255.0.0.0
   Dzierľawa uzyskana. . . . . . . . : 17 czerwca 2012 12:50:44
   Dzierľawa wygasa. . . . . . . . . : 17 czerwca 2013 12:52:50
   Brama domy˜lna. . . . . . . . . . : 5.0.0.1
   Serwer DHCP . . . . . . . . . . . : 5.0.0.1
   Identyfikator IAID DHCPv6 . . . . : 595229097
   Identyfikator DUID klienta DHCPv6 : 00-01-00-01-14-81-DF-61-00-1F-D0-84-AF-01
   Serwery DNS . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS przez Tcpip . . . . . . . : WˆĄczony

Karta tunelowa isatap.{80E82F21-5692-4684-A6D3-D13C88B9CCAA}:

   Stan no˜nika . . . .  . . . . . . .: No˜nik odˆĄczony
   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Karta Microsoft ISATAP
   Adres fizyczny. . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP wˆĄczone . . . . . . . . . . : Nie
   Autokonfiguracja wˆĄczona . . . . : Tak

Karta tunelowa Teredo Tunneling Pseudo-Interface:

   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Adres fizyczny. . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP wˆĄczone . . . . . . . . . . : Nie
   Autokonfiguracja wˆĄczona . . . . : Tak
   Adres IPv6. . . . . . . . . . . . : 2001:0:5ef5:79fd:816:2069:acf5:70d(Preferowane)
   Adres IPv6 poˆĄczenia lokalnego . : fe80::816:2069:acf5:70d%13(Preferowane)
   Brama domy˜lna. . . . . . . . . . :
   NetBIOS przez Tcpip . . . . . . . : WyˆĄczony

Karta tunelowa isatap.{EC78545A-6E0F-4A0F-A74B-43409EEC2F6F}:

   Stan no˜nika . . . .  . . . . . . .: No˜nik odˆĄczony
   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Karta Microsoft ISATAP #3
   Adres fizyczny. . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP wˆĄczone . . . . . . . . . . : Nie
   Autokonfiguracja wˆĄczona . . . . : Tak

Karta tunelowa Reusable ISATAP Interface {47E298EF-D2D4-43D5-9388-7B7147160206}:

   Stan no˜nika . . . .  . . . . . . .: No˜nik odˆĄczony
   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Karta Microsoft ISATAP #4
   Adres fizyczny. . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP wˆĄczone . . . . . . . . . . : Nie
   Autokonfiguracja wˆĄczona . . . . : Tak

Karta tunelowa isatap.{41095E9B-DB3E-454A-B01D-2AEF8CAF4332}:

   Stan no˜nika . . . .  . . . . . . .: No˜nik odˆĄczony
   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Karta Microsoft ISATAP #5
   Adres fizyczny. . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP wˆĄczone . . . . . . . . . . : Nie
   Autokonfiguracja wˆĄczona . . . . : Tak

Karta tunelowa isatap.{7B0F2B96-D201-48BA-9FAB-AFF62F345A3B}:

   Stan no˜nika . . . .  . . . . . . .: No˜nik odˆĄczony
   Sufiks DNS konkretnego poˆĄczenia :
   Opis. . . . . . . . . . . . . . . : Karta Microsoft ISATAP #6
   Adres fizyczny. . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP wˆĄczone . . . . . . . . . . : Nie
   Autokonfiguracja wˆĄczona . . . . : Tak


Router to TP-LINK TD-W8960N.
Skromność, bez podpisu
Dragon2008
~user
 
Posty: 146
Dołączenie: 06 Kwi 2008, 11:53
Miejscowość: Grodków



Problem z działaniem routera/internetu

Postprzez Mike 17 Cze 2012, 15:12

Awatar użytkownika
Mike
*mod
 
Posty: 10264
Dołączenie: 16 Gru 2005, 13:30
Pochwały: 989



Problem z działaniem routera/internetu

Postprzez Dragon2008 17 Cze 2012, 16:18

Wrzucam logi:
OTL:
Kod: Zaznacz wszystko
OTL logfile created on: 2012-06-17 16:10:34 - Run 3
OTL by OldTimer - Version 3.2.49.0     Folder = D:\Downloads\Nowe
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,48 Gb Available Physical Memory | 62,08% Memory free
8,00 Gb Paging File | 6,19 Gb Available in Paging File | 77,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 23,85 Gb Free Space | 40,77% Space Free | Partition Type: NTFS
Drive D: | 372,53 Gb Total Space | 215,24 Gb Free Space | 57,78% Space Free | Partition Type: NTFS
Drive J: | 1,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DRAGON-KOMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-06-17 16:01:46 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Downloads\Nowe\OTL(1).exe
PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-05 00:40:04 | 000,924,600 | ---- | M] (Mozilla Corporation) -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-03-31 04:38:26 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-03-31 04:38:14 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-03-15 07:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012-02-28 18:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-02-09 13:44:10 | 000,531,328 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012-02-09 13:44:06 | 002,509,184 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011-10-15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011-06-15 14:51:08 | 000,683,352 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
PRC - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2010-11-27 13:39:13 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2010-11-27 13:39:13 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe
PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009-02-24 16:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-05-05 00:40:04 | 001,952,696 | ---- | M] () -- D:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-04-12 18:57:11 | 000,115,137 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll
MOD - [2012-03-31 04:38:26 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-03-28 22:11:38 | 000,649,640 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
MOD - [2012-03-28 22:11:38 | 000,528,808 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll
MOD - [2012-03-28 22:11:38 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll
MOD - [2012-03-28 22:11:38 | 000,003,584 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll
MOD - [2011-10-15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011-06-13 14:21:52 | 000,511,384 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster\sqlite3.dll
MOD - [2011-04-25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
MOD - [2011-04-25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
MOD - [2011-04-25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
MOD - [2011-04-25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
MOD - [2011-04-25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
MOD - [2011-04-25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
MOD - [2011-04-20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2009-07-14 19:55:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-07-14 07:00:25 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e033d390dc7e9567b6960b0f530cf30\System.Management.ni.dll
MOD - [2009-07-14 06:56:14 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\1762137638019a091020b3baf52f6de3\System.Core.ni.dll
MOD - [2009-07-14 06:56:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\39f5a71b5185d267b0f55cd4cea26d6b\PresentationFramework.Aero.ni.dll
MOD - [2009-07-14 06:55:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009-07-14 06:55:47 | 014,318,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\68e5eeb3c6ef18ba2dc1ad70eb74aeee\PresentationFramework.ni.dll
MOD - [2009-07-14 06:55:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009-07-14 06:55:26 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009-07-14 06:55:23 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b459c5815af8123e4bf30d4e05bba65\PresentationCore.ni.dll
MOD - [2009-07-14 06:55:14 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll
MOD - [2009-07-14 06:55:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009-07-14 06:55:05 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009-07-14 06:55:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2009-02-27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-05-29 00:39:10 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-05-05 00:40:04 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-03-15 07:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012-02-29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-02-28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-09 13:44:10 | 000,531,328 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012-01-07 18:56:15 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-10-15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2010-11-27 13:39:13 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-08-24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe -- (DfSdkS)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-05-31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-01-07 17:29:28 | 000,025,216 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\droidcam.sys -- (DroidCam)
DRV:[b]64bit:[/b] - [2011-12-30 21:58:02 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:[b]64bit:[/b] - [2011-03-29 15:31:40 | 000,179,616 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:[b]64bit:[/b] - [2011-03-21 21:22:06 | 000,452,200 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-03-10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2011-03-04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:[b]64bit:[/b] - [2011-03-04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:[b]64bit:[/b] - [2010-11-27 15:42:17 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:[b]64bit:[/b] - [2009-11-02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2009-09-23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:[b]64bit:[/b] - [2009-09-23 03:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:[b]64bit:[/b] - [2009-09-23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:[b]64bit:[/b] - [2009-09-23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:[b]64bit:[/b] - [2009-09-21 21:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2009-03-18 07:56:34 | 000,037,888 | ---- | M] (IC Plus Corp.                                                                                                                                                                                                                                                ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ipfnd51.sys -- (ip100Avista)
DRV:[b]64bit:[/b] - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011-03-16 19:59:28 | 000,036,792 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\URLSearchHook: {87d5d709-40f2-48a7-8f47-7bb821af70ab} - C:\Program Files (x86)\Softonic-Polska2\prxtbSof0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{3668D2EB-A69B-45BD-9DE3-B132F189BDDD}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=02c2a362-8405-11e1-afe7-940c6d84c3b7&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\URLSearchHook: {87d5d709-40f2-48a7-8f47-7bb821af70ab} - C:\Program Files (x86)\Softonic-Polska2\prxtbSof0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{0A71C6B9-DDC6-429B-9196-91B12B400D33}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{3668D2EB-A69B-45BD-9DE3-B132F189BDDD}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=02c2a362-8405-11e1-afe7-940c6d84c3b7&q={searchTerms}
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{3D1DC7D6-D6FD-423C-94F0-01276943F9AF}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{FD3B27A0-1013-4D34-AE23-51F24B116DD3}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig"
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {87d5d709-40f2-48a7-8f47-7bb821af70ab}:3.2.5.2
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: D:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: D:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-04-27 09:02:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-04-27 09:02:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-04-27 09:02:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012-05-05 00:40:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-12 14:56:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-08-30 19:55:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Administrator\AppData\Roaming\IDM\idmmzcc5

[2010-11-27 16:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2010-11-27 14:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-05-29 20:18:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\vgs4lcwq.default\extensions
[2012-05-17 12:31:33 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\vgs4lcwq.default\extensions\https-everywhere@eff.org
[2012-01-06 21:01:48 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VGS4LCWQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012-05-17 12:31:30 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VGS4LCWQ.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: facemoods (Enabled)
CHR - default_search_provider: search_url = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\plugins\npganymedenet.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = D:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = D:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: LiveVDO plug-in (Enabled) = D:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Winamp Application Detector (Enabled) = D:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Picasa (Enabled) = D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Veetle TV Player (Enabled) = D:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = D:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - Extension: WinToFlash Suggestor = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Klawiatura wirtualna = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Skype Click to Call = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Anti-Banner = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2011-01-26 18:20:19 | 000,000,893 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.google-analytics.com
O1 - Hosts: 127.0.0.1 google-analytics.com
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Softonic-Polska2 Toolbar) - {87d5d709-40f2-48a7-8f47-7bb821af70ab} - C:\Program Files (x86)\Softonic-Polska2\prxtbSof0.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (WinToFlash Suggestor) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O3 - HKLM\..\Toolbar: (Softonic-Polska2 Toolbar) - {87d5d709-40f2-48a7-8f47-7bb821af70ab} - C:\Program Files (x86)\Softonic-Polska2\prxtbSof0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\Toolbar\WebBrowser: (Softonic-Polska2 Toolbar) - {87D5D709-40F2-48A7-8F47-7BB821AF70AB} - C:\Program Files (x86)\Softonic-Polska2\prxtbSof0.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-500..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-500..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-500..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realmadrid.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: &Download with AktivDownloadManager! - D:\Program Files (x86)\Aktiv Download Manager\aktivdownloadmanager.htm File not found
O8:[b]64bit:[/b] - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8:[b]64bit:[/b] - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przy poomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: 使用快车3下载 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: &Download with AktivDownloadManager! - D:\Program Files (x86)\Aktiv Download Manager\aktivdownloadmanager.htm File not found
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Ściągnij przy poomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9:[b]64bit:[/b] - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:[b]64bit:[/b] - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41095E9B-DB3E-454A-B01D-2AEF8CAF4332}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80E82F21-5692-4684-A6D3-D13C88B9CCAA}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-12-01 23:56:18 | 000,265,042 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O32 - AutoRun File - [2011-04-27 19:03:36 | 000,000,143 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{8647a3a5-a591-11e1-a4a9-940c6d84c3b7}\Shell - "" = AutoRun
O33 - MountPoints2\{8647a3a5-a591-11e1-a4a9-940c6d84c3b7}\Shell\AutoRun\command - "" = J:\wubi.exe -- [2011-04-27 18:59:51 | 001,530,520 | R--- | M] ()
O33 - MountPoints2\{a2a4b597-fa32-11df-8016-001fd084af01}\Shell - "" = AutoRun
O33 - MountPoints2\{a2a4b597-fa32-11df-8016-001fd084af01}\Shell\AutoRun\command - "" = G:\openSUSE12_2_LOCAL.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-06-11 17:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-05-29 16:34:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Nowy folder
[2012-05-28 20:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinToFlash Suggestor
[2012-05-28 19:57:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\soft
[2012-05-27 00:00:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2012-05-27 00:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinuxLive USB Creator
[2012-05-24 20:05:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012-05-24 20:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012-05-24 20:04:20 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2012-05-24 20:04:20 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2012-05-24 20:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-06-17 15:56:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-17 15:36:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2616109949-4265111833-505487840-500UA.job
[2012-06-17 15:15:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-17 12:51:35 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-17 12:50:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-17 12:50:17 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-15 15:27:25 | 000,124,365 | ---- | M] () -- C:\Users\Administrator\Desktop\połączenia.PNG
[2012-06-13 16:19:37 | 000,073,283 | ---- | M] () -- C:\Users\Administrator\Desktop\1468.jpg
[2012-06-11 11:59:55 | 000,958,616 | ---- | M] () -- C:\Users\Administrator\Desktop\pcc_3.pdf
[2012-06-10 11:06:11 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2616109949-4265111833-505487840-500Core.job
[2012-06-07 10:28:17 | 002,720,722 | ---- | M] () -- C:\Users\Administrator\Desktop\20120607_102203.jpg
[2012-06-03 16:49:12 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-03 16:49:12 | 000,689,136 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-03 16:49:12 | 000,607,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-03 16:49:12 | 000,131,792 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-03 16:49:12 | 000,103,908 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-03 13:34:49 | 000,292,893 | ---- | M] () -- C:\Users\Administrator\Desktop\A4 - 2.06.2012.jpg
[2012-05-30 20:39:50 | 000,322,549 | ---- | M] () -- C:\Users\Administrator\Desktop\Screenshot.png
[2012-05-29 10:55:12 | 000,166,050 | ---- | M] () -- C:\Users\Administrator\Desktop\CV - Dawid Sibiński.pdf
[2012-05-29 10:46:32 | 000,059,484 | ---- | M] () -- C:\Users\Administrator\Desktop\zdjęcie.jpg
[2012-05-29 00:39:10 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-05-29 00:39:10 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-05-28 19:47:02 | 000,004,443 | ---- | M] () -- C:\Users\Administrator\Documents\ax_files.xml
[2012-05-28 12:18:22 | 000,001,610 | ---- | M] () -- C:\Users\Administrator\Desktop\FIX.CRT
[2012-05-21 21:11:26 | 000,520,770 | ---- | M] () -- C:\Users\Administrator\Desktop\zameldowanie.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-15 15:27:25 | 000,124,365 | ---- | C] () -- C:\Users\Administrator\Desktop\połączenia.PNG
[2012-06-13 16:19:36 | 000,073,283 | ---- | C] () -- C:\Users\Administrator\Desktop\1468.jpg
[2012-06-11 11:59:52 | 000,958,616 | ---- | C] () -- C:\Users\Administrator\Desktop\pcc_3.pdf
[2012-06-07 10:28:15 | 002,720,722 | ---- | C] () -- C:\Users\Administrator\Desktop\20120607_102203.jpg
[2012-06-03 13:34:48 | 000,292,893 | ---- | C] () -- C:\Users\Administrator\Desktop\A4 - 2.06.2012.jpg
[2012-05-30 13:38:35 | 000,322,549 | ---- | C] () -- C:\Users\Administrator\Desktop\Screenshot.png
[2012-05-29 10:55:12 | 000,166,050 | ---- | C] () -- C:\Users\Administrator\Desktop\CV - Dawid Sibiński.pdf
[2012-05-29 10:46:31 | 000,059,484 | ---- | C] () -- C:\Users\Administrator\Desktop\zdjęcie.jpg
[2012-05-28 12:18:22 | 000,001,610 | ---- | C] () -- C:\Users\Administrator\Desktop\FIX.CRT
[2012-05-21 21:11:25 | 000,520,770 | ---- | C] () -- C:\Users\Administrator\Desktop\zameldowanie.jpg
[2012-01-07 17:32:16 | 000,000,033 | ---- | C] () -- C:\ProgramData\droidcam-settings
[2011-12-30 22:01:18 | 000,017,408 | ---- | C] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2011-10-15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-09-29 15:26:34 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\AppData\Local\{EF830C3F-57A6-4B6E-AD8A-C0289DB11D22}
[2011-07-26 17:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-07-26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-07-26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-07-26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-07-26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011-03-31 15:35:23 | 000,071,680 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-17 12:19:01 | 000,000,130 | ---- | C] () -- C:\Windows\MXSkypeRecorder.INI
[2011-02-13 16:13:56 | 000,000,035 | ---- | C] () -- C:\Windows\WorldBuilder.INI
[2011-01-11 20:33:29 | 000,007,604 | ---- | C] () -- C:\Users\Administrator\AppData\Local\resmon.resmoncfg
[2010-12-30 00:03:26 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-12-30 00:03:26 | 000,000,088 | RHS- | C] () -- C:\ProgramData\698E2E5BE3.sys
[2010-12-22 17:09:05 | 000,002,356 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2010-12-22 16:57:58 | 000,000,512 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010-12-22 16:57:22 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010-12-04 18:08:03 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010-12-04 18:06:58 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2010-11-29 09:08:27 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-11-29 09:08:27 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-11-29 09:08:25 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-11-29 09:08:25 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-11-29 09:08:25 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-11-27 15:18:11 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-11-27 14:12:14 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010-11-27 14:08:07 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2010-11-27 14:03:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-11-27 13:39:31 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2010-11-27 13:39:31 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe

[color=#E56717]========== LOP Check ==========[/color]

[2011-10-28 19:15:07 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.minecraft
[2011-01-26 18:11:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AntiBrowserSpy 2009
[2011-06-01 16:04:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AnvSoft
[2011-01-24 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ashampoo
[2012-02-22 19:39:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ASUS
[2011-09-20 21:44:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ASUS WebStorage
[2011-10-25 20:55:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BITS
[2012-06-11 17:35:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BitTorrent
[2010-12-28 20:21:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Command and Conquer 4
[2011-07-22 00:27:04 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Day 1 Studios
[2011-12-30 21:17:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2011-11-12 03:32:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoft
[2011-09-18 12:57:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\eCareme
[2011-07-09 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EurekaLog
[2010-12-22 16:57:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGet
[2010-12-22 16:57:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGetBHO
[2010-12-22 21:44:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gadu-Gadu 10
[2011-08-20 16:30:53 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GanymedeNet
[2010-12-16 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GetRightToGo
[2010-11-27 15:49:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GHISLER
[2011-04-08 23:11:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gmail Notifier Plus
[2012-04-07 23:21:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\gtk-2.0
[2011-10-01 23:35:21 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HD Tune Pro
[2012-02-12 17:23:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HLSW
[2011-06-15 07:09:53 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2010-11-27 15:05:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IrfanView
[2010-11-27 23:49:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Leadertech
[2011-02-05 22:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Moje pliki Bitwy o Śródziemie™ II
[2011-03-01 13:11:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Need for Speed World
[2010-12-16 20:59:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NetMedia Providers
[2010-11-27 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NetSupport
[2012-02-13 23:17:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia
[2012-02-13 23:17:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia Suite
[2010-11-27 15:11:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Notepad++
[2011-12-30 21:55:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2011-10-21 20:33:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Origin
[2012-02-05 20:49:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC Suite
[2011-10-25 20:57:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2010-12-16 20:59:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Publish Providers
[2010-12-29 01:26:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Red Alert 3
[2012-04-12 18:43:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Samsung
[2011-01-02 03:53:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sierra Entertainment
[2010-12-16 21:02:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sony
[2011-09-21 18:20:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sports Interactive
[2010-12-03 22:58:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Stereoscopic Player Komputer Świat Edition
[2011-06-13 20:52:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TeamViewer
[2011-05-09 22:13:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Teeworlds
[2010-11-27 14:03:21 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2011-06-27 19:46:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TS3Client
[2011-05-11 19:48:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ulead Systems
[2011-02-21 09:39:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrator\AppData\Roaming\WinDefender
[2011-05-31 19:18:42 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Xilisoft
[2011-01-24 21:56:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Youtube Downloader HD
[2011-11-16 23:23:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Youtube to MP3 Converter
[2012-05-13 11:33:31 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


extras:
Kod: Zaznacz wszystko
OTL Extras logfile created on: 2012-06-17 16:10:34 - Run 3
OTL by OldTimer - Version 3.2.49.0     Folder = D:\Downloads\Nowe
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,48 Gb Available Physical Memory | 62,08% Memory free
8,00 Gb Paging File | 6,19 Gb Available in Paging File | 77,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 23,85 Gb Free Space | 40,77% Space Free | Partition Type: NTFS
Drive D: | 372,53 Gb Total Space | 215,24 Gb Free Space | 57,78% Space Free | Partition Type: NTFS
Drive J: | 1,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DRAGON-KOMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E3C972F-6F6E-448B-A8C1-C7F019E0EFEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{14DFB4B4-64AA-41CA-AF22-5DF30724DDAE}" = lport=139 | protocol=6 | dir=in | app=system |
"{1E5C353A-FEB5-4952-B7DB-4B580E2E6C2F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33904D43-4BBE-4B87-815B-8BAA4EACE911}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36DECD98-613A-4202-8D31-3E64697F072C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3BB07E3F-3789-403C-BC82-878CD444A34E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5ED83219-C51E-4297-A992-FF1B8482FDFA}" = lport=138 | protocol=17 | dir=in | app=system |
"{5F3B41D4-D120-4BAD-BE2C-33C0A686664A}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{65CFFCD7-5818-4500-B2C9-46C384EB4488}" = rport=139 | protocol=6 | dir=out | app=system |
"{68CD72D9-A600-4204-A7DF-8ACC9094BA81}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7158CE47-1DF2-413A-A661-1D40513B3A45}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A24E8DC-EE49-4BB3-8811-CDD20F8F5DCE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A22C6634-A83F-4B8C-B198-E18F86D2FBD3}" = rport=137 | protocol=17 | dir=out | app=system |
"{BDE9A2FD-C307-46C5-ACFF-8641BB482DF5}" = rport=138 | protocol=17 | dir=out | app=system |
"{C58EA06E-FBA5-4F9F-9D40-0DD3E30F2090}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C9DAE7C3-8094-4E58-AB23-49B948AE79B0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D502765C-97FE-48C4-8ED4-DE0DBBB15E65}" = rport=445 | protocol=6 | dir=out | app=system |
"{DBDDD836-AE7A-4B3D-A416-6E54ACB3BA63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E02A8D65-1432-47C5-B2D0-9F7074541237}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E1025E79-559A-4B3F-8290-244D0945C798}" = lport=137 | protocol=17 | dir=in | app=system |
"{F4C7858D-9EB1-47A2-B924-4173A71AE1BD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD5A4961-29E6-465A-A028-44C014E1BCA6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B77496-E263-4750-8AE7-68AF2FE63A50}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{0286FCD9-B31D-4DC2-9FEB-8C36394AD6A1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{040F9455-1848-40E7-B0F4-2F19ABA418F3}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{0669021D-B7AD-40F1-B7C4-A74AF541FADF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{093F1813-4D3A-4DC6-AAF4-90F71F75E4C0}" = protocol=6 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{0CD96C79-32D5-4BC0-9004-463E7FE29914}" = protocol=17 | dir=in | app=d:\program files (x86)\bittorrent\bittorrent.exe |
"{170ED1CF-BB47-4BB5-B58C-8D4E000AC3DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18A56F85-0337-4B37-9730-40E43E148C45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{19C80BA7-CD3B-4DF6-8CC0-4A85809C94D9}" = protocol=17 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\pcideply.exe |
"{1EF677C9-E80D-4443-9C6B-5180A3AFED56}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F3099F0-AF43-4812-9655-382FA7DA2F16}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2F275631-6DDB-4891-B1BB-932466974059}" = dir=out | app=d:\program files\eslwire\wire.exe |
"{301DB4BA-7112-4E16-B445-882C388882D7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{46F2722D-B923-454A-914E-BECBEB221AB0}" = protocol=58 | dir=in | app=system |
"{4DF6762D-B2B4-4B63-B440-E638D95A794D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4F6C540E-5AC1-45E3-90AC-FDEFA0625B1D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4FBDCB98-12EA-4342-8C4C-7A8DDDF541D6}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\bitwa o śródziemie ii\game.dat |
"{5246BC85-62A5-4E14-B5AF-232F2DFF030C}" = protocol=6 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\pcideply.exe |
"{52F61B9C-7A7F-4D7C-BDD1-04440ED2C210}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{54B012BF-CB30-4D53-BDFF-8EC7AB5240D5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{59083919-D5F5-44EF-8DEE-E9BD02F40EE3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{603060F7-7198-4794-9BCD-763BDB77BBE3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6D8E1761-7EC8-4B07-8C9D-57F04A1B865B}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\condition zero\hl.exe |
"{758C3B26-96B8-44AA-AF0F-9FBC06D90D99}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7B68473A-DDEE-4968-9D1E-231B0F573EB8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\counter-strike\hl.exe |
"{8093C9AF-4768-490B-B200-3D3103908000}" = protocol=17 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\nssadmui.exe |
"{8349DC7E-0EEB-46EA-BE89-0919AC8FFC5C}" = dir=in | app=d:\program files\eslwire\wire.exe |
"{8445766D-FF5D-4271-B12B-D1ACB9F4D1E3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8497E72D-101F-4E42-B40E-99CB5B0E6437}" = protocol=6 | dir=in | app=d:\program files (x86)\sports interactive\football manager 2011\fm.exe |
"{85B28030-CCBD-4FDF-BDE4-4ABD93CD741C}" = protocol=17 | dir=in | app=c:\users\administrator\appdata\roaming\spotify\spotify.exe |
"{87317955-C644-4A42-A45F-BCAEAA3D68F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87859222-CE86-45CC-8B18-3A0D15B71D6F}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{8E6847A3-B3D8-4D6F-AFAB-8342DA0E6952}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{8FAB04B5-C7B3-4A16-837F-4953E4EF52FC}" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{956A155F-A163-49B9-9A1A-D9187BC91C98}" = protocol=6 | dir=in | app=d:\program files (x86)\bittorrent\bittorrent.exe |
"{95F2D99B-6BF0-4297-B4D3-23B91AE2F2F9}" = protocol=1 | dir=in | name=hlsw icmp |
"{9AB444E8-B5B9-4880-B356-8A0922D42D5A}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A12D077A-B6F3-4E9F-AA46-4C7EF3E55EDE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A1C2C7D1-134E-4383-949E-EC702CB58FDD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{A1C3E875-4041-4813-B491-0AA229E7C755}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\fifa 12\game\fifa.exe |
"{A51DB646-87F3-42BC-869F-7D58A0BCDA90}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\bitwa o śródziemie ii\game.dat |
"{A6C0643E-15E6-437E-AC29-A192A6C4B39B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{AA9238F5-0376-40D8-8FF2-CECED90ABE63}" = protocol=6 | dir=in | app=d:\program files (x86)\sierra entertainment\empire earth iii\ee3.exe |
"{AC0490B4-94DE-4904-941D-7BA577B3CF4C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0CDCCC5-88C2-423C-8135-705D850415E1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B38C4E8B-6A57-4A0E-8A5B-FDB036F0F7B3}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{B85B4545-0375-4D0C-830E-3C0285A02035}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\condition zero\hl.exe |
"{B8B2EBDF-DDA3-4F8E-94A7-E943B4545CA3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B971DEFB-5940-4F70-976B-20CDD08E68B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BC44E3AC-A762-4E40-9E01-E6F58F04CC6D}" = protocol=6 | dir=out | app=system |
"{C0B71512-4AFB-4441-B202-EA95261F3161}" = protocol=17 | dir=in | app=d:\program files (x86)\sierra entertainment\empire earth iii\ee3.exe |
"{C2212C85-5DAD-42DB-A2E7-7A1891BB8FF2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{C53180EB-7D66-4EC5-8DE8-D85DF77F4937}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C57E12B6-E06D-488E-8FB1-7C6A0CF902FF}" = protocol=6 | dir=in | app=c:\users\administrator\appdata\roaming\spotify\spotify.exe |
"{C762E797-7BEB-42A9-A0A0-7B7A70A81664}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\counter-strike\hl.exe |
"{C9621B54-C7C2-4502-8403-688F8C65FBDB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C9A384B2-F8CB-4808-AB00-6EFAD0D45060}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\fifa 12\game\fifa.exe |
"{CFAF5092-E751-4023-8922-F7F7FD81066D}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\inputserv.exe |
"{D2FB9FFD-B6C6-4E4D-8D0E-7351F4F28930}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{D40DD208-DD09-451C-9F58-F93ABAC7F4C1}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srlogin.exe |
"{DB0293C2-D19F-40C6-9ADD-0FAF0BF262BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC954693-FDEE-453D-9A8C-2F682A0408A7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DD5AFB21-D82B-4A4A-88C8-324DDD1D4FD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DEC5EC76-A9D4-44A7-822D-3AD98293AA5C}" = protocol=6 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\nssadmui.exe |
"{E01B587C-B618-4890-8259-417CD7C3AF31}" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E159B4A0-E01F-4265-8CE1-F94393D5469F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E39B39CB-222F-4BDA-A858-41EDC1725C92}" = protocol=17 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{E3ED01B8-B392-49C3-AD83-4D545F3FCB06}" = protocol=17 | dir=in | app=d:\program files (x86)\sports interactive\football manager 2011\fm.exe |
"{E8D304BA-22B7-4B16-85D1-BA68E9CE8899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F91E2219-7D1B-4A9A-9FB2-B0A288ABA23F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FE1D7ED3-A4E1-43F2-BCB5-FCCFAF9A2B4A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{217B53C0-3FCF-4A59-8755-54D02A6FAA2C}D:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{2367A1BD-376C-45AD-8FDD-1DCDE44ECAF0}D:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{60EFB0C3-1A85-4AD9-B373-D6A3703791C7}D:\program files (x86)\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"TCP Query User{A59BEF40-E884-47D6-A826-F2317FF0117E}D:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\program files (x86)\gadu-gadu 10\gg.exe |
"TCP Query User{E6695905-7090-43AE-A018-F2E85E46D19B}D:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=d:\totalcmd\totalcmd.exe |
"TCP Query User{EC269F5D-F0A5-4303-94DB-16E93EF3E733}D:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe |
"UDP Query User{50B3B775-789F-4616-BBED-935AFD3D193E}D:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe |
"UDP Query User{733AC4CA-8FF8-4AD7-80BF-68295DA16EEF}D:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{AC7BED87-E132-4FFC-8FA7-2F6181EA3A69}D:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\program files (x86)\gadu-gadu 10\gg.exe |
"UDP Query User{CC98C158-CC85-43FE-A647-394A25A04D0B}D:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=d:\totalcmd\totalcmd.exe |
"UDP Query User{E31F895D-35E0-49D1-BA96-DB0075E820A0}D:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{ED81CC4F-96AF-41CF-B857-5BD24B9A70E4}D:\program files (x86)\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{565343AF-BB01-4638-A87A-06D04494796A}" = Desktop Restore
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{ACDE6F8D-F748-4535-AB8F-B6A7F9344868}" = ASUS Android USB Drivers
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.9.6
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pakiet sterowników systemu Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.01 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Bitwa o Śródziemie™ II
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{325045C9-F040-3D98-892D-53D5E840266C}" = Google Talk Plugin
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{4483C0BF-32EE-4D30-B0F6-76591B5F529B}" = NetSupport School
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C4ED859-875F-4299-AA2C-E0E393BDCD21}" = ScanSoft PaperPort 11
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"ALLPlayer_is1" = ALLPlayer V4.X
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.2.2
"AQQ" = WapSter AQQ
"Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7 v.7.26
"Audacity_is1" = Audacity 1.2.6
"BitTorrent" = BitTorrent
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.3
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"F.E.A.R. 3_is1" = F.E.A.R. 3
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"Football Manager 2011" = Football Manager 2011
"Fraps" = Fraps (remove only)
"Free YouTube Uploader_is1" = Free YouTube Uploader version 3.3.21.920
"Gadu-Gadu 10" = Gadu-Gadu 10
"Game Booster_is1" = Game Booster
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"HaaliMkx" = Haali Media Splitter
"HD Tune Pro_is1" = HD Tune Pro 4.61
"HLSW_is1" = HLSW v1.4.0.2
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"IQ Zbiór testów na inteligencję1.0" = IQ Zbiór testów na inteligencję
"IrfanView" = IrfanView (remove only)
"JAFSetup" = JAF Setup
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.6.0 (Full)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LogMeIn Hamachi" = LogMeIn Hamachi
"Minecraft Beta Cracked" = Minecraft Beta Cracked
"mIRC" = mIRC
"Mobiola Web Camera for S60_is1" = Mobiola Web Camera for S60 3.0.19
"Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl)
"Mozilla Thunderbird 12.0.1 (x86 pl)" = Mozilla Thunderbird 12.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OCCT_is1" = OCCT Perestroika 3.1.0
"OpenAL" = OpenAL
"Origin" = Origin
"Picasa 3" = Picasa 3
"Protected Folder_is1" = Protected Folder
"RealAlt_is1" = Real Alternative 2.0.2
"Skrzyżowania_is1" = Skrzyżowania 1.0.0.14
"Softonic-Polska2 Toolbar" = Softonic-Polska2 Toolbar
"SopCast" = SopCast 3.3.2
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Steam App 310" = Source Multiplayer Dedicated Server
"Steam App 5" = Dedicated Server
"Steam App 80" = Counter-Strike: Condition Zero
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"vShare.tv plugin" = vShare.tv plugin 1.3
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinToFlash Suggestor" = WinToFlash Suggestor
"WinX HD Video Converter_is1" = WinX Video Converter 4.1
"xp-AntiSpy" = xp-AntiSpy 3.97-9
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.5
"Youtube to MP3 Converter_is1" = Youtube to MP3 Converter v. 1.3

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BankBrowser" = BankBrowser
"f031ef6ac137efc5" = Dell Driver Download Manager
"f58f3889281ea80b" = ContainerEx Decrypter
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-06-11 11:25:20 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-12 07:57:49 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-13 09:58:03 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-14 03:42:06 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-14 04:31:36 | Computer Name = Dragon-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "d:\program files (x86)\WapSter\wapster
aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "d:\program
files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8.  Wartość "*" atrybutu
"language" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-06-14 09:06:25 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-14 11:50:15 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-15 09:01:40 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-17 06:50:55 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-17 07:57:52 | Computer Name = Dragon-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "d:\program files (x86)\WapSter\wapster
aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "d:\program
files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8.  Wartość "*" atrybutu
"language" elementu "assemblyIdentity" jest nieprawidłowa.

[ Media Center Events ]
Error - 2010-12-06 11:46:28 | Computer Name = Dragon-Komputer | Source = MCUpdate | ID = 0
Description = 16:46:28 - Nie można pobrać pakietu MCESpotlight (Błąd: Żądanie zostało
przerwane: Nie można utworzyć bezpiecznego kanału SSL/TLS.) 

Error - 2010-12-06 11:46:29 | Computer Name = Dragon-Komputer | Source = MCUpdate | ID = 0
Description = 16:46:29 - Nie można pobrać pakietu MCEClientUX (Błąd: Żądanie zostało
przerwane: Nie można utworzyć bezpiecznego kanału SSL/TLS.) 

[ System Events ]
Error - 2012-06-11 11:26:20 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-12 07:58:52 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-13 09:57:41 | Computer Name = Dragon-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 14:29:34 na ?2012-?06-?12 było
nieoczekiwane.

Error - 2012-06-13 09:59:07 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-14 03:43:08 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-14 04:35:56 | Computer Name = Dragon-Komputer | Source = volsnap | ID = 393252
Description = Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie
można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error - 2012-06-14 09:06:57 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-14 11:51:15 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-15 09:02:43 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-17 06:51:57 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2


< End of report >


Dodano 18.06.2012 16:35:23:
I co, kolejna zagadka nie do rozwiązania ;p ? Eh, w sumie spodziewałem się tego, jak zwykle w moim przypadku :).
Skromność, bez podpisu
Dragon2008
~user
 
Posty: 146
Dołączenie: 06 Kwi 2008, 11:53
Miejscowość: Grodków



Problem z działaniem routera/internetu

Postprzez wojtas 18 Cze 2012, 17:04

odinstaluj:
"Softonic-Polska2 Toolbar" = Softonic-Polska2 Toolbar

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
O3 - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realmadrid.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &Download with AktivDownloadManager! - D:\Program Files (x86)\Aktiv Download Manager\aktivdownloadmanager.htm File not found
O8:64bit: - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: ????3?????? - Reg Error: Value error. File not found
O8 - Extra context menu item: &Download with AktivDownloadManager! - D:\Program Files (x86)\Aktiv Download Manager\aktivdownloadmanager.htm File not found
O8 - Extra context menu item: ????3?? - Reg Error: Value error. File not found
O8 - Extra context menu item: ????3?????? - Reg Error: Value error. File not found

:Commands
[emptytemp]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Użyj AdwCleaner i kliknij w nim Delete (w przypadku Visty/Windows7 uruchom z prawokliku jako Administrator)
Pokaż raport z niego


Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).
Image
Awatar użytkownika
wojtas
*mod
 
Posty: 18165
Dołączenie: 13 Sty 2006, 16:00
Miejscowość: Krzeszyce
Pochwały: 1656



Problem z działaniem routera/internetu

Postprzez Dragon2008 18 Cze 2012, 18:18

Nie da się odinstalować "Softonic-Polska2 Toolbar", z Panelu Sterowania czy z poziomu CCleaner nie idzie, po prostu nic się nie dzieje. W katalogu programu jest plik "uninstall.exe", jednak po jego włączeniu nic się nie dzieje. Co zrobić, usunąć tylko pliki programu ręcznie?

EDIT:
OK, Total Uninstall sobie z nim poradził. Biorę się za resztę poleceń.

OK, wszystko zrobione, wrzucam po kolei logi.

Log z czyszczenia:
Kod: Zaznacz wszystko
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2616109949-4265111833-505487840-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2616109949-4265111833-505487840-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realmadrid.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download with AktivDownloadManager!\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??????\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Download with AktivDownloadManager!\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\????3??????\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 46111473 bytes
->Temporary Internet Files folder emptied: 6194266 bytes
->Java cache emptied: 55860600 bytes
->FireFox cache emptied: 386553815 bytes
->Google Chrome cache emptied: 18122928 bytes
->Flash cache emptied: 61701 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Dragon

User: Gość
->Temp folder emptied: 511503 bytes
->Temporary Internet Files folder emptied: 983628 bytes
->Flash cache emptied: 658 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3040 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68099 bytes
RecycleBin emptied: 26494713 bytes

Total Files Cleaned = 516,00 mb


OTL by OldTimer - Version 3.2.44.0 log created on 06182012_183145

Files\Folders moved on Reboot...
C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


Log z ADWCleanera:
Kod: Zaznacz wszystko
# AdwCleaner v1.609 - Logfile created 06/18/2012 at 18:38:53
# Updated 10/06/2012 by Xplode
# Operating system : Windows 7 Ultimate  (64 bits)
# User : Administrator - DRAGON-KOMPUTER
# Running from : D:\Downloads\Nowe\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Users\Gość\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Gość\AppData\LocalLow\ConduitEngine
Deleted on reboot : C:\Users\Gość\AppData\LocalLow\PriceGong

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (pl)

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\vgs4lcwq.default\prefs.js

Deleted : user_pref("extensions.hxxps_everywhere.Blekko", true);

-\\ Google Chrome v19.0.1084.56

File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted :       "icon_url": "hxxp://facemoods.com/favicon.ico",
Deleted :       "keyword": "facemoods.com",
Deleted :       "name": "facemoods",
Deleted :       "search_url": "hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4",
Deleted :          "path": "D:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npvsharetvplg.dll",
Deleted :          "name": "Winamp Application Detector",
Deleted :          "name": "Winamp Application Detector"

*************************

AdwCleaner[R1].txt - [29420 octets] - [14/06/2012 17:47:25]
AdwCleaner[S1].txt - [25634 octets] - [14/06/2012 17:47:49]
AdwCleaner[S2].txt - [1640 octets] - [18/06/2012 18:38:53]

########## EOF - C:\AdwCleaner[S2].txt - [1768 octets] ##########


i logi z OTL po czyszczeniu i ADWCleanerze:
OTL:
Kod: Zaznacz wszystko
OTL logfile created on: 2012-06-18 18:44:13 - Run 4
OTL by OldTimer - Version 3.2.44.0     Folder = D:\Downloads\Nowe
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 66,77% Memory free
8,00 Gb Paging File | 6,58 Gb Available in Paging File | 82,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 23,85 Gb Free Space | 40,77% Space Free | Partition Type: NTFS
Drive D: | 372,53 Gb Total Space | 215,21 Gb Free Space | 57,77% Space Free | Partition Type: NTFS
Drive J: | 1,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DRAGON-KOMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-29 20:00:13 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Downloads\Nowe\OTL.exe
PRC - [2012-03-31 04:38:26 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012-03-31 04:38:14 | 003,521,424 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012-03-15 07:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012-02-28 18:38:56 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-02-09 13:44:10 | 000,531,328 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012-02-09 13:44:06 | 002,509,184 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011-10-15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011-06-15 14:51:08 | 000,683,352 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Game Booster\gbtray.exe
PRC - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2010-11-27 13:39:13 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2010-11-27 13:39:13 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe
PRC - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009-02-24 16:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-06-18 18:36:55 | 000,115,137 | ---- | M] () -- C:\Users\Administrator\AppData\Local\Temp\bd7c47bb-f5c0-417c-a180-ec348d87718a\CliSecureRT.dll
MOD - [2012-03-31 04:38:26 | 000,021,392 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012-03-28 22:11:38 | 000,649,640 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
MOD - [2012-03-28 22:11:38 | 000,528,808 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll
MOD - [2012-03-28 22:11:38 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll
MOD - [2012-03-28 22:11:38 | 000,003,584 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll
MOD - [2011-06-13 14:21:52 | 000,511,384 | ---- | M] () -- C:\Program Files (x86)\IObit\Game Booster\sqlite3.dll
MOD - [2011-04-25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
MOD - [2011-04-25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
MOD - [2011-04-25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
MOD - [2011-04-25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
MOD - [2011-04-25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
MOD - [2011-04-25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
MOD - [2011-04-20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2009-07-14 19:55:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009-07-14 07:00:25 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e033d390dc7e9567b6960b0f530cf30\System.Management.ni.dll
MOD - [2009-07-14 06:56:14 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\1762137638019a091020b3baf52f6de3\System.Core.ni.dll
MOD - [2009-07-14 06:56:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\39f5a71b5185d267b0f55cd4cea26d6b\PresentationFramework.Aero.ni.dll
MOD - [2009-07-14 06:55:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009-07-14 06:55:47 | 014,318,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\68e5eeb3c6ef18ba2dc1ad70eb74aeee\PresentationFramework.ni.dll
MOD - [2009-07-14 06:55:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009-07-14 06:55:26 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009-07-14 06:55:23 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b459c5815af8123e4bf30d4e05bba65\PresentationCore.ni.dll
MOD - [2009-07-14 06:55:14 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c2f9dd7db911053edcaaadf5fefc500a\WindowsBase.ni.dll
MOD - [2009-07-14 06:55:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009-07-14 06:55:05 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009-07-14 06:55:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2009-02-27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009-07-14 03:41:58 | 002,418,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:21 | 000,084,480 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2009-07-14 03:39:37 | 000,593,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV - [2012-06-18 18:37:26 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-05-30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-05-05 00:40:04 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-03-15 07:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012-02-28 18:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-02-09 13:44:10 | 000,531,328 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012-01-07 18:56:15 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011-10-15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011-04-25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2010-11-27 13:39:13 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010-03-10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-08-24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe -- (DfSdkS)
SRV - [2009-07-14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009-07-14 03:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-05-31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-02-24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:[b]64bit:[/b] - [2012-01-07 17:29:28 | 000,025,216 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\droidcam.sys -- (DroidCam)
DRV:[b]64bit:[/b] - [2011-12-30 21:58:02 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2011-11-01 11:07:24 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:[b]64bit:[/b] - [2011-03-29 15:31:40 | 000,179,616 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:[b]64bit:[/b] - [2011-03-21 21:22:06 | 000,452,200 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011-03-10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2011-03-04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:[b]64bit:[/b] - [2011-03-04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:[b]64bit:[/b] - [2010-11-27 15:42:17 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:[b]64bit:[/b] - [2009-11-02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:[b]64bit:[/b] - [2009-09-23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:[b]64bit:[/b] - [2009-09-23 03:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:[b]64bit:[/b] - [2009-09-23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:[b]64bit:[/b] - [2009-09-23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:[b]64bit:[/b] - [2009-09-21 21:26:10 | 000,054,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GenericMount.sys -- (GenericMount)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009-07-14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2009-07-14 01:23:37 | 000,327,168 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2009-03-18 07:56:34 | 000,037,888 | ---- | M] (IC Plus Corp.                                                                                                                                                                                                                                                ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ipfnd51.sys -- (ip100Avista)
DRV:[b]64bit:[/b] - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:[b]64bit:[/b] - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011-03-16 19:59:28 | 000,036,792 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{3668D2EB-A69B-45BD-9DE3-B132F189BDDD}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=02c2a362-8405-11e1-afe7-940c6d84c3b7&q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes,DefaultScope = {0D7562AE-8EF6-416d-A838-AB665251703A}
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{0A71C6B9-DDC6-429B-9196-91B12B400D33}: "URL" = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{3668D2EB-A69B-45BD-9DE3-B132F189BDDD}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=02c2a362-8405-11e1-afe7-940c6d84c3b7&q={searchTerms}
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{3D1DC7D6-D6FD-423C-94F0-01276943F9AF}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\SearchScopes\{FD3B27A0-1013-4D34-AE23-51F24B116DD3}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2616109949-4265111833-505487840-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Allegro"
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/ig"
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.5.2
FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.556
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {87d5d709-40f2-48a7-8f47-7bb821af70ab}:3.2.5.2
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: D:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: D:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012-04-27 09:02:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012-04-27 09:02:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012-04-27 09:02:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012-05-05 00:40:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-12 14:56:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011-08-30 19:55:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Administrator\AppData\Roaming\IDM\idmmzcc5

[2010-11-27 16:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions
[2010-11-27 14:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012-05-29 20:18:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\vgs4lcwq.default\extensions
[2012-05-17 12:31:33 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\vgs4lcwq.default\extensions\https-everywhere@eff.org
[2012-01-06 21:01:48 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VGS4LCWQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012-05-17 12:31:30 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VGS4LCWQ.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: GanymedeNet.Detector (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\plugins\npganymedenet.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Administrator\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = D:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = D:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin:  (Enabled) = D:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Picasa (Enabled) = D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Veetle TV Player (Enabled) = D:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = D:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - Extension: WinToFlash Suggestor = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\acaoakiamfeidcmgooclgeleejkbaecf\1.2.3_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: Klawiatura wirtualna = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\
CHR - Extension: Skype Click to Call = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Anti-Banner = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\

O1 HOSTS File: ([2011-01-26 18:20:19 | 000,000,893 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.google-analytics.com
O1 - Hosts: 127.0.0.1 google-analytics.com
O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (WinToFlash Suggestor) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O3 - HKU\S-1-5-21-2616109949-4265111833-505487840-500\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-500..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-500..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2616109949-4265111833-505487840-500..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przy poomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: 使用快车3下载 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Ściągnij przy poomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet3 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Administrator\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9:[b]64bit:[/b] - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:[b]64bit:[/b] - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41095E9B-DB3E-454A-B01D-2AEF8CAF4332}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80E82F21-5692-4684-A6D3-D13C88B9CCAA}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011-12-01 23:56:18 | 000,265,042 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O32 - AutoRun File - [2011-04-27 19:03:36 | 000,000,143 | R--- | M] () - J:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{8647a3a5-a591-11e1-a4a9-940c6d84c3b7}\Shell - "" = AutoRun
O33 - MountPoints2\{8647a3a5-a591-11e1-a4a9-940c6d84c3b7}\Shell\AutoRun\command - "" = J:\wubi.exe -- [2011-04-27 18:59:51 | 001,530,520 | R--- | M] ()
O33 - MountPoints2\{a2a4b597-fa32-11df-8016-001fd084af01}\Shell - "" = AutoRun
O33 - MountPoints2\{a2a4b597-fa32-11df-8016-001fd084af01}\Shell\AutoRun\command - "" = G:\openSUSE12_2_LOCAL.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-06-18 18:27:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Martau
[2012-06-18 18:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\Total Uninstall 6
[2012-06-11 17:32:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-05-29 16:34:29 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Nowy folder
[2012-05-28 20:44:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinToFlash Suggestor
[2012-05-28 19:57:05 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\soft
[2012-05-27 00:00:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2012-05-27 00:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinuxLive USB Creator
[2012-05-24 20:05:37 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012-05-24 20:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2012-05-24 20:04:20 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysWow64\drivers\mcdbus.sys
[2012-05-24 20:04:20 | 000,255,552 | ---- | C] (MagicISO, Inc.) -- C:\Windows\SysNative\drivers\mcdbus.sys
[2012-05-24 20:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicDisc

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-06-18 18:41:26 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-18 18:40:49 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-06-18 18:40:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-06-18 18:40:20 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-18 18:37:26 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-06-18 18:37:26 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-18 18:36:02 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2616109949-4265111833-505487840-500UA.job
[2012-06-18 18:27:29 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\Total Uninstall 6.lnk
[2012-06-18 17:56:01 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-18 11:56:11 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2616109949-4265111833-505487840-500Core.job
[2012-06-17 19:36:28 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-17 19:36:28 | 000,689,136 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-06-17 19:36:28 | 000,607,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-17 19:36:28 | 000,131,792 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-06-17 19:36:28 | 000,103,908 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-15 15:27:25 | 000,124,365 | ---- | M] () -- C:\Users\Administrator\Desktop\połączenia.PNG
[2012-06-13 16:19:37 | 000,073,283 | ---- | M] () -- C:\Users\Administrator\Desktop\1468.jpg
[2012-06-11 11:59:55 | 000,958,616 | ---- | M] () -- C:\Users\Administrator\Desktop\pcc_3.pdf
[2012-06-07 10:28:17 | 002,720,722 | ---- | M] () -- C:\Users\Administrator\Desktop\20120607_102203.jpg
[2012-06-03 13:34:49 | 000,292,893 | ---- | M] () -- C:\Users\Administrator\Desktop\A4 - 2.06.2012.jpg
[2012-05-30 20:39:50 | 000,322,549 | ---- | M] () -- C:\Users\Administrator\Desktop\Screenshot.png
[2012-05-29 10:55:12 | 000,166,050 | ---- | M] () -- C:\Users\Administrator\Desktop\CV - Dawid Sibiński.pdf
[2012-05-29 10:46:32 | 000,059,484 | ---- | M] () -- C:\Users\Administrator\Desktop\zdjęcie.jpg
[2012-05-28 19:47:02 | 000,004,443 | ---- | M] () -- C:\Users\Administrator\Documents\ax_files.xml
[2012-05-28 12:18:22 | 000,001,610 | ---- | M] () -- C:\Users\Administrator\Desktop\FIX.CRT
[2012-05-21 21:11:26 | 000,520,770 | ---- | M] () -- C:\Users\Administrator\Desktop\zameldowanie.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-18 18:27:29 | 000,000,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk
[2012-06-18 18:27:29 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\Total Uninstall 6.lnk
[2012-06-15 15:27:25 | 000,124,365 | ---- | C] () -- C:\Users\Administrator\Desktop\połączenia.PNG
[2012-06-13 16:19:36 | 000,073,283 | ---- | C] () -- C:\Users\Administrator\Desktop\1468.jpg
[2012-06-11 11:59:52 | 000,958,616 | ---- | C] () -- C:\Users\Administrator\Desktop\pcc_3.pdf
[2012-06-07 10:28:15 | 002,720,722 | ---- | C] () -- C:\Users\Administrator\Desktop\20120607_102203.jpg
[2012-06-03 13:34:48 | 000,292,893 | ---- | C] () -- C:\Users\Administrator\Desktop\A4 - 2.06.2012.jpg
[2012-05-30 13:38:35 | 000,322,549 | ---- | C] () -- C:\Users\Administrator\Desktop\Screenshot.png
[2012-05-29 10:55:12 | 000,166,050 | ---- | C] () -- C:\Users\Administrator\Desktop\CV - Dawid Sibiński.pdf
[2012-05-29 10:46:31 | 000,059,484 | ---- | C] () -- C:\Users\Administrator\Desktop\zdjęcie.jpg
[2012-05-28 12:18:22 | 000,001,610 | ---- | C] () -- C:\Users\Administrator\Desktop\FIX.CRT
[2012-05-21 21:11:25 | 000,520,770 | ---- | C] () -- C:\Users\Administrator\Desktop\zameldowanie.jpg
[2012-01-07 17:32:16 | 000,000,033 | ---- | C] () -- C:\ProgramData\droidcam-settings
[2011-12-30 22:01:18 | 000,017,408 | ---- | C] () -- C:\Users\Administrator\AppData\Local\WebpageIcons.db
[2011-10-15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-09-29 15:26:34 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\AppData\Local\{EF830C3F-57A6-4B6E-AD8A-C0289DB11D22}
[2011-07-26 17:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011-07-26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011-07-26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011-07-26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011-07-26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011-03-31 15:35:23 | 000,071,680 | ---- | C] () -- C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-02-17 12:19:01 | 000,000,130 | ---- | C] () -- C:\Windows\MXSkypeRecorder.INI
[2011-02-13 16:13:56 | 000,000,035 | ---- | C] () -- C:\Windows\WorldBuilder.INI
[2011-01-11 20:33:29 | 000,007,604 | ---- | C] () -- C:\Users\Administrator\AppData\Local\resmon.resmoncfg
[2010-12-30 00:03:26 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-12-30 00:03:26 | 000,000,088 | RHS- | C] () -- C:\ProgramData\698E2E5BE3.sys
[2010-12-22 17:09:05 | 000,002,356 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2010-12-22 16:57:58 | 000,000,512 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2010-12-22 16:57:22 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010-12-04 18:08:03 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010-12-04 18:06:58 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2010-11-29 09:08:27 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010-11-29 09:08:27 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010-11-29 09:08:25 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010-11-29 09:08:25 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010-11-29 09:08:25 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010-11-27 15:18:11 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-11-27 14:12:14 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010-11-27 14:08:07 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2010-11-27 14:03:21 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010-11-27 13:39:31 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
[2010-11-27 13:39:31 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe

[color=#E56717]========== LOP Check ==========[/color]

[2011-10-28 19:15:07 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.minecraft
[2011-01-26 18:11:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AntiBrowserSpy 2009
[2011-06-01 16:04:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AnvSoft
[2011-01-24 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ashampoo
[2012-02-22 19:39:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ASUS
[2011-09-20 21:44:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ASUS WebStorage
[2011-10-25 20:55:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BITS
[2012-06-11 17:35:39 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\BitTorrent
[2010-12-28 20:21:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Command and Conquer 4
[2011-07-22 00:27:04 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Day 1 Studios
[2011-12-30 21:17:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2011-11-12 03:32:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoft
[2011-09-18 12:57:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\eCareme
[2011-07-09 13:57:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EurekaLog
[2010-12-22 16:57:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGet
[2010-12-22 16:57:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\FlashGetBHO
[2010-12-22 21:44:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gadu-Gadu 10
[2011-08-20 16:30:53 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GanymedeNet
[2010-12-16 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GetRightToGo
[2010-11-27 15:49:27 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GHISLER
[2011-04-08 23:11:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gmail Notifier Plus
[2012-04-07 23:21:59 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\gtk-2.0
[2011-10-01 23:35:21 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HD Tune Pro
[2012-02-12 17:23:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\HLSW
[2011-06-15 07:09:53 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2010-11-27 15:05:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IrfanView
[2010-11-27 23:49:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Leadertech
[2011-02-05 22:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Moje pliki Bitwy o Śródziemie™ II
[2011-03-01 13:11:46 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Need for Speed World
[2010-12-16 20:59:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NetMedia Providers
[2010-11-27 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NetSupport
[2012-02-13 23:17:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia
[2012-02-13 23:17:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Nokia Suite
[2010-11-27 15:11:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Notepad++
[2011-12-30 21:55:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2011-10-21 20:33:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Origin
[2012-02-05 20:49:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PC Suite
[2011-10-25 20:57:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2010-12-16 20:59:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Publish Providers
[2010-12-29 01:26:09 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Red Alert 3
[2012-04-12 18:43:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Samsung
[2011-01-02 03:53:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sierra Entertainment
[2010-12-16 21:02:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sony
[2011-09-21 18:20:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sports Interactive
[2010-12-03 22:58:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Stereoscopic Player Komputer Świat Edition
[2011-06-13 20:52:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TeamViewer
[2011-05-09 22:13:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Teeworlds
[2010-11-27 14:03:21 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird
[2011-06-27 19:46:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TS3Client
[2011-05-11 19:48:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Ulead Systems
[2011-02-21 09:39:31 | 000,000,000 | -HSD | M] -- C:\Users\Administrator\AppData\Roaming\WinDefender
[2011-05-31 19:18:42 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Xilisoft
[2011-01-24 21:56:14 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Youtube Downloader HD
[2011-11-16 23:23:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Youtube to MP3 Converter
[2012-05-13 11:33:31 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


extras:
Kod: Zaznacz wszystko
OTL Extras logfile created on: 2012-06-18 18:44:13 - Run 4
OTL by OldTimer - Version 3.2.44.0     Folder = D:\Downloads\Nowe
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 66,77% Memory free
8,00 Gb Paging File | 6,58 Gb Available in Paging File | 82,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 23,85 Gb Free Space | 40,77% Space Free | Partition Type: NTFS
Drive D: | 372,53 Gb Total Space | 215,21 Gb Free Space | 57,77% Space Free | Partition Type: NTFS
Drive J: | 1,12 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DRAGON-KOMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E3C972F-6F6E-448B-A8C1-C7F019E0EFEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{14DFB4B4-64AA-41CA-AF22-5DF30724DDAE}" = lport=139 | protocol=6 | dir=in | app=system |
"{1E5C353A-FEB5-4952-B7DB-4B580E2E6C2F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33904D43-4BBE-4B87-815B-8BAA4EACE911}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36DECD98-613A-4202-8D31-3E64697F072C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3BB07E3F-3789-403C-BC82-878CD444A34E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5ED83219-C51E-4297-A992-FF1B8482FDFA}" = lport=138 | protocol=17 | dir=in | app=system |
"{5F3B41D4-D120-4BAD-BE2C-33C0A686664A}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{65CFFCD7-5818-4500-B2C9-46C384EB4488}" = rport=139 | protocol=6 | dir=out | app=system |
"{68CD72D9-A600-4204-A7DF-8ACC9094BA81}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7158CE47-1DF2-413A-A661-1D40513B3A45}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A24E8DC-EE49-4BB3-8811-CDD20F8F5DCE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A22C6634-A83F-4B8C-B198-E18F86D2FBD3}" = rport=137 | protocol=17 | dir=out | app=system |
"{BDE9A2FD-C307-46C5-ACFF-8641BB482DF5}" = rport=138 | protocol=17 | dir=out | app=system |
"{C58EA06E-FBA5-4F9F-9D40-0DD3E30F2090}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C9DAE7C3-8094-4E58-AB23-49B948AE79B0}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D502765C-97FE-48C4-8ED4-DE0DBBB15E65}" = rport=445 | protocol=6 | dir=out | app=system |
"{DBDDD836-AE7A-4B3D-A416-6E54ACB3BA63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E02A8D65-1432-47C5-B2D0-9F7074541237}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E1025E79-559A-4B3F-8290-244D0945C798}" = lport=137 | protocol=17 | dir=in | app=system |
"{F4C7858D-9EB1-47A2-B924-4173A71AE1BD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FD5A4961-29E6-465A-A028-44C014E1BCA6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0286FCD9-B31D-4DC2-9FEB-8C36394AD6A1}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{040F9455-1848-40E7-B0F4-2F19ABA418F3}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steam.exe |
"{0669021D-B7AD-40F1-B7C4-A74AF541FADF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{093F1813-4D3A-4DC6-AAF4-90F71F75E4C0}" = protocol=6 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{0CD96C79-32D5-4BC0-9004-463E7FE29914}" = protocol=17 | dir=in | app=d:\program files (x86)\bittorrent\bittorrent.exe |
"{170ED1CF-BB47-4BB5-B58C-8D4E000AC3DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18A56F85-0337-4B37-9730-40E43E148C45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{19C80BA7-CD3B-4DF6-8CC0-4A85809C94D9}" = protocol=17 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\pcideply.exe |
"{1EF677C9-E80D-4443-9C6B-5180A3AFED56}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F3099F0-AF43-4812-9655-382FA7DA2F16}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2F275631-6DDB-4891-B1BB-932466974059}" = dir=out | app=d:\program files\eslwire\wire.exe |
"{301DB4BA-7112-4E16-B445-882C388882D7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{32AB19DD-96F4-4C0C-8EA0-2E81C161EFB4}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{4DF6762D-B2B4-4B63-B440-E638D95A794D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4F6C540E-5AC1-45E3-90AC-FDEFA0625B1D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4FBDCB98-12EA-4342-8C4C-7A8DDDF541D6}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\bitwa o śródziemie ii\game.dat |
"{5246BC85-62A5-4E14-B5AF-232F2DFF030C}" = protocol=6 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\pcideply.exe |
"{54B012BF-CB30-4D53-BDFF-8EC7AB5240D5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{59083919-D5F5-44EF-8DEE-E9BD02F40EE3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{603060F7-7198-4794-9BCD-763BDB77BBE3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6D8E1761-7EC8-4B07-8C9D-57F04A1B865B}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\condition zero\hl.exe |
"{758C3B26-96B8-44AA-AF0F-9FBC06D90D99}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7B68473A-DDEE-4968-9D1E-231B0F573EB8}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\counter-strike\hl.exe |
"{8093C9AF-4768-490B-B200-3D3103908000}" = protocol=17 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\nssadmui.exe |
"{8349DC7E-0EEB-46EA-BE89-0919AC8FFC5C}" = dir=in | app=d:\program files\eslwire\wire.exe |
"{8445766D-FF5D-4271-B12B-D1ACB9F4D1E3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{84931800-A7C0-45FD-857E-9A9A88CC2E22}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\inputserv.exe |
"{8497E72D-101F-4E42-B40E-99CB5B0E6437}" = protocol=6 | dir=in | app=d:\program files (x86)\sports interactive\football manager 2011\fm.exe |
"{85B28030-CCBD-4FDF-BDE4-4ABD93CD741C}" = protocol=17 | dir=in | app=c:\users\administrator\appdata\roaming\spotify\spotify.exe |
"{866FA50A-25CF-4E35-BD70-602B95A196E8}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{87317955-C644-4A42-A45F-BCAEAA3D68F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87859222-CE86-45CC-8B18-3A0D15B71D6F}" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{8FAB04B5-C7B3-4A16-837F-4953E4EF52FC}" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{956A155F-A163-49B9-9A1A-D9187BC91C98}" = protocol=6 | dir=in | app=d:\program files (x86)\bittorrent\bittorrent.exe |
"{95F2D99B-6BF0-4297-B4D3-23B91AE2F2F9}" = protocol=1 | dir=in | name=hlsw icmp |
"{9AB444E8-B5B9-4880-B356-8A0922D42D5A}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{9DC809DA-B636-4CFE-9041-9D80C5DDF2C5}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srlogin.exe |
"{A12D077A-B6F3-4E9F-AA46-4C7EF3E55EDE}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{A1C2C7D1-134E-4383-949E-EC702CB58FDD}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{A1C3E875-4041-4813-B491-0AA229E7C755}" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\fifa 12\game\fifa.exe |
"{A51DB646-87F3-42BC-869F-7D58A0BCDA90}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\bitwa o śródziemie ii\game.dat |
"{A6C0643E-15E6-437E-AC29-A192A6C4B39B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{A8A9BA0F-0375-4C85-8A85-846D7467E075}" = protocol=58 | dir=in | app=system |
"{AA9238F5-0376-40D8-8FF2-CECED90ABE63}" = protocol=6 | dir=in | app=d:\program files (x86)\sierra entertainment\empire earth iii\ee3.exe |
"{AC0490B4-94DE-4904-941D-7BA577B3CF4C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0CDCCC5-88C2-423C-8135-705D850415E1}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B38C4E8B-6A57-4A0E-8A5B-FDB036F0F7B3}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{B85B4545-0375-4D0C-830E-3C0285A02035}" = protocol=17 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\condition zero\hl.exe |
"{B8B2EBDF-DDA3-4F8E-94A7-E943B4545CA3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B971DEFB-5940-4F70-976B-20CDD08E68B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BC44E3AC-A762-4E40-9E01-E6F58F04CC6D}" = protocol=6 | dir=out | app=system |
"{BE133137-6DEA-486E-B33A-D5C93605ECBF}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C0B71512-4AFB-4441-B202-EA95261F3161}" = protocol=17 | dir=in | app=d:\program files (x86)\sierra entertainment\empire earth iii\ee3.exe |
"{C2212C85-5DAD-42DB-A2E7-7A1891BB8FF2}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{C57E12B6-E06D-488E-8FB1-7C6A0CF902FF}" = protocol=6 | dir=in | app=c:\users\administrator\appdata\roaming\spotify\spotify.exe |
"{C762E797-7BEB-42A9-A0A0-7B7A70A81664}" = protocol=6 | dir=in | app=d:\program files (x86)\steam\steamapps\dragon_1993\counter-strike\hl.exe |
"{C9621B54-C7C2-4502-8403-688F8C65FBDB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C9A384B2-F8CB-4808-AB00-6EFAD0D45060}" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\fifa 12\game\fifa.exe |
"{D2FB9FFD-B6C6-4E4D-8D0E-7351F4F28930}" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{DB0293C2-D19F-40C6-9ADD-0FAF0BF262BA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC954693-FDEE-453D-9A8C-2F682A0408A7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DD5AFB21-D82B-4A4A-88C8-324DDD1D4FD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DEC5EC76-A9D4-44A7-822D-3AD98293AA5C}" = protocol=6 | dir=in | app=c:\program files (x86)\netsupport\netsupport school\nssadmui.exe |
"{E01B587C-B618-4890-8259-417CD7C3AF31}" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E159B4A0-E01F-4265-8CE1-F94393D5469F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E39B39CB-222F-4BDA-A858-41EDC1725C92}" = protocol=17 | dir=in | app=c:\program files (x86)\droidcam\droidcamapp.exe |
"{E3ED01B8-B392-49C3-AD83-4D545F3FCB06}" = protocol=17 | dir=in | app=d:\program files (x86)\sports interactive\football manager 2011\fm.exe |
"{E8D304BA-22B7-4B16-85D1-BA68E9CE8899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F91E2219-7D1B-4A9A-9FB2-B0A288ABA23F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FAA5CF2E-0059-47BF-AE3B-E552BE175ED9}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{FE1D7ED3-A4E1-43F2-BCB5-FCCFAF9A2B4A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{217B53C0-3FCF-4A59-8755-54D02A6FAA2C}D:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=d:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{2367A1BD-376C-45AD-8FDD-1DCDE44ECAF0}D:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{60EFB0C3-1A85-4AD9-B373-D6A3703791C7}D:\program files (x86)\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"TCP Query User{A59BEF40-E884-47D6-A826-F2317FF0117E}D:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=d:\program files (x86)\gadu-gadu 10\gg.exe |
"TCP Query User{E6695905-7090-43AE-A018-F2E85E46D19B}D:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=d:\totalcmd\totalcmd.exe |
"TCP Query User{EC269F5D-F0A5-4303-94DB-16E93EF3E733}D:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe" = protocol=6 | dir=in | app=d:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe |
"UDP Query User{50B3B775-789F-4616-BBED-935AFD3D193E}D:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe" = protocol=17 | dir=in | app=d:\program files (x86)\electronic arts\fifa™ 11\game\fifa.exe |
"UDP Query User{733AC4CA-8FF8-4AD7-80BF-68295DA16EEF}D:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=d:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{AC7BED87-E132-4FFC-8FA7-2F6181EA3A69}D:\program files (x86)\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=d:\program files (x86)\gadu-gadu 10\gg.exe |
"UDP Query User{CC98C158-CC85-43FE-A647-394A25A04D0B}D:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=d:\totalcmd\totalcmd.exe |
"UDP Query User{E31F895D-35E0-49D1-BA96-DB0075E820A0}D:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{ED81CC4F-96AF-41CF-B857-5BD24B9A70E4}D:\program files (x86)\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=d:\program files (x86)\microsoft games\age of empires iii\age3.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{565343AF-BB01-4638-A87A-06D04494796A}" = Desktop Restore
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-1000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-1000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-0044-0415-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}" = PaperPort Image Printer 64-bit
"{ACDE6F8D-F748-4535-AB8F-B6A7F9344868}" = ASUS Android USB Drivers
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"ESL Wire_is1" = ESL Wire 1.9.6
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pakiet sterowników systemu Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Total Uninstall 6_is1" = Total Uninstall 6.1.0
"WinRAR archiver" = WinRAR 4.01 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Bitwa o Śródziemie™ II
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{325045C9-F040-3D98-892D-53D5E840266C}" = Google Talk Plugin
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{4483C0BF-32EE-4D30-B0F6-76591B5F529B}" = NetSupport School
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C4ED859-875F-4299-AA2C-E0E393BDCD21}" = ScanSoft PaperPort 11
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-375CW
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.1 - Polish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.2.2
"AQQ" = WapSter AQQ
"Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7 v.7.26
"Audacity_is1" = Audacity 1.2.6
"BitTorrent" = BitTorrent
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.0.3
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"F.E.A.R. 3_is1" = F.E.A.R. 3
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"Football Manager 2011" = Football Manager 2011
"Fraps" = Fraps (remove only)
"Free YouTube Uploader_is1" = Free YouTube Uploader version 3.3.21.920
"Gadu-Gadu 10" = Gadu-Gadu 10
"Game Booster_is1" = Game Booster
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"HaaliMkx" = Haali Media Splitter
"HD Tune Pro_is1" = HD Tune Pro 4.61
"HLSW_is1" = HLSW v1.4.0.2
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"IQ Zbiór testów na inteligencję1.0" = IQ Zbiór testów na inteligencję
"IrfanView" = IrfanView (remove only)
"JAFSetup" = JAF Setup
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.6.0 (Full)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LogMeIn Hamachi" = LogMeIn Hamachi
"Minecraft Beta Cracked" = Minecraft Beta Cracked
"mIRC" = mIRC
"Mobiola Web Camera for S60_is1" = Mobiola Web Camera for S60 3.0.19
"Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl)
"Mozilla Thunderbird 12.0.1 (x86 pl)" = Mozilla Thunderbird 12.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero8Lite_is1" = Nero 8 Lite 8.3.6.0
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OCCT_is1" = OCCT Perestroika 3.1.0
"OpenAL" = OpenAL
"Origin" = Origin
"Picasa 3" = Picasa 3
"Protected Folder_is1" = Protected Folder
"RealAlt_is1" = Real Alternative 2.0.2
"Skrzyżowania_is1" = Skrzyżowania 1.0.0.14
"SopCast" = SopCast 3.3.2
"SpeedFan" = SpeedFan (remove only)
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Steam App 310" = Source Multiplayer Dedicated Server
"Steam App 5" = Dedicated Server
"Steam App 80" = Counter-Strike: Condition Zero
"TeamViewer 6" = TeamViewer 6
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.18
"vShare.tv plugin" = vShare.tv plugin 1.3
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinToFlash Suggestor" = WinToFlash Suggestor
"WinX HD Video Converter_is1" = WinX Video Converter 4.1
"xp-AntiSpy" = xp-AntiSpy 3.97-9
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.5
"Youtube to MP3 Converter_is1" = Youtube to MP3 Converter v. 1.3

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2616109949-4265111833-505487840-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BankBrowser" = BankBrowser
"f031ef6ac137efc5" = Dell Driver Download Manager
"f58f3889281ea80b" = ContainerEx Decrypter
"Google Chrome" = Google Chrome
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-06-17 12:11:35 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-17 13:34:17 | Computer Name = Dragon-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: ALLPlayer.exe, wersja: 4.5.6.9,
sygnatura czasowa: 0x4cce8e39  Nazwa modułu powodującego błąd: ALLPlayer.exe, wersja:
4.5.6.9, sygnatura czasowa: 0x4cce8e39  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
0x0000588a  Identyfikator procesu powodującego błąd: 0xb94  Godzina uruchomienia aplikacji
powodującej błąd: 0x01cd4caf42fd699e  Ścieżka aplikacji powodującej błąd: C:\Program
Files (x86)\ALLPlayer\ALLPlayer.exe  Ścieżka modułu powodującego błąd: C:\Program
Files (x86)\ALLPlayer\ALLPlayer.exe  Identyfikator raportu: a93f1966-b8a2-11e1-a06d-940c6d84c3b7

Error - 2012-06-17 13:34:25 | Computer Name = Dragon-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: ALLPlayer.exe, wersja: 4.5.6.9,
sygnatura czasowa: 0x4cce8e39  Nazwa modułu powodującego błąd: ntdll.dll, wersja:
6.1.7600.16385, sygnatura czasowa: 0x4a5bdb3b  Kod wyjątku: 0xc0000005  Przesunięcie
błędu: 0x000335f2  Identyfikator procesu powodującego błąd: 0xb94  Godzina uruchomienia
aplikacji powodującej błąd: 0x01cd4caf42fd699e  Ścieżka aplikacji powodującej błąd:
C:\Program Files (x86)\ALLPlayer\ALLPlayer.exe  Ścieżka modułu powodującego błąd:
C:\Windows\SysWOW64\ntdll.dll  Identyfikator raportu: ae481536-b8a2-11e1-a06d-940c6d84c3b7

Error - 2012-06-17 13:34:53 | Computer Name = Dragon-Komputer | Source = Application Hang | ID = 1002
Description = Program winamp.exe w wersji 5.6.2.3173 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji.    Identyfikator procesu: 474    Godzina rozpoczęcia: 01cd4caf7164e820    Godzina zakończenia:
11    Ścieżka aplikacji: D:\Program Files (x86)\Winamp\winamp.exe    Identyfikator raportu:
bbaffb17-b8a2-11e1-a06d-940c6d84c3b7 

Error - 2012-06-18 06:43:25 | Computer Name = Dragon-Komputer | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej.  .

Error - 2012-06-18 11:23:25 | Computer Name = Dragon-Komputer | Source = SideBySide | ID = 16842815
Description = Nie można wygenerować kontekstu aktywacji dla "d:\program files (x86)\WapSter\wapster
aqq\System\DelZip179.dll". Błąd w pliku manifestu lub w pliku zasad "d:\program
files (x86)\WapSter\wapster aqq\System\DelZip179.dll" w wierszu 8.  Wartość "*" atrybutu
"language" elementu "assemblyIdentity" jest nieprawidłowa.

Error - 2012-06-18 12:29:24 | Computer Name = Dragon-Komputer | Source = VSS | ID = 8194
Description =

Error - 2012-06-18 12:30:05 | Computer Name = Dragon-Komputer | Source = VSS | ID = 8194
Description =

Error - 2012-06-18 12:35:33 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

Error - 2012-06-18 12:40:57 | Computer Name = Dragon-Komputer | Source = Winlogon | ID = 4103
Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005.

[ Media Center Events ]
Error - 2010-12-06 11:46:28 | Computer Name = Dragon-Komputer | Source = MCUpdate | ID = 0
Description = 16:46:28 - Nie można pobrać pakietu MCESpotlight (Błąd: Żądanie zostało
przerwane: Nie można utworzyć bezpiecznego kanału SSL/TLS.) 

Error - 2010-12-06 11:46:29 | Computer Name = Dragon-Komputer | Source = MCUpdate | ID = 0
Description = 16:46:29 - Nie można pobrać pakietu MCEClientUX (Błąd: Żądanie zostało
przerwane: Nie można utworzyć bezpiecznego kanału SSL/TLS.) 

[ System Events ]
Error - 2012-06-14 11:51:15 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-15 09:02:43 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-17 06:51:57 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-17 12:12:35 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-17 13:34:16 | Computer Name = Dragon-Komputer | Source = cdrom | ID = 262151
Description = W urządzeniu \Device\CdRom0 wystąpił zły blok.

Error - 2012-06-18 10:17:34 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi lmhosts.

Error - 2012-06-18 10:17:34 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7011
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji
z usługi RapiMgr.

Error - 2012-06-18 12:31:45 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.

Error - 2012-06-18 12:36:30 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2

Error - 2012-06-18 12:42:01 | Computer Name = Dragon-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił
następujący błąd:   %%2


< End of report >


Dodam, że nie wygląda, aby coś to pomogło. Połączeń w netstat nadal jest masa, a np. problematyczna strona demotywatory.pl nadal nie działa.

Dodano 19.06.2012 18:30:20:
Czyli jednak - zagadka nie do rozwiązania xD.
Skromność, bez podpisu
Dragon2008
~user
 
Posty: 146
Dołączenie: 06 Kwi 2008, 11:53
Miejscowość: Grodków




Powróć do Bezpieczeństwo

Kto jest na forum

Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 2 gości