Problem z wyłączającym się internetem

**Posty:** 96 · przez **bielu** 13 Sie 2012, 22:02

Witam.
Problem jest następujący - nie wiadomo czemu wyłącza mi się net. Czasem grzebię sobie 3 godziny, czasem wywala się po 3 minutach. FF pokazuje odpowiedni komunikat i okno pt. uruchom ponownie / zamknij / przywróć strony. Chrome również się zawiesza i konieczne jest odświeżenie strony. Nie wiem, czy to ma związek - ale kiedy instaluję jakiś program i akurat mam włączony net i dochodzi do awarii, to instalacja pokazuje komunikat, że brak połączenia internetowego i instalacja zostanie przerwana. Dziwne to, bo mam włączone np. gg i tam wszystko działa.
Z innej beczki - wyrzuca mnie z Modern Warfare 3, gdy gram w multi, ale nie z serwera, a z całej gry. Mam komunikat, że IW5.exe przestał działać i tyle.
Przeskanowałem kompa czym się dało, zdefragmentowałem dyski, pobawiłem się ccleanerem i odkurzaczem i nic. Pomóżcie, bo jobla dostanę...

Dziękuję.

Poniżej podaję logi.

GMER:

Kod: Zaznacz wszystko: GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-08-13 21:54:06 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKX-001CA0 rev.15.01H15 Running: e7msh5dp.exe; Driver: C:\Users\Dom\AppData\Local\Temp\uxriqpow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x91048536] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0x90F107BA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAssignProcessToJobObject [0x91048F52] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x91053D7A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x91053DC6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x91053F48] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x91053CE8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x90F10BAC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x91053D30] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThread [0x91049146] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateThreadEx [0x910492CE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x91053F02] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDebugActiveProcess [0x910498CA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x91048584] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0x90F1089E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0x910481EC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x910485D2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x9104D2A8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x9104A292] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x91053DA4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x91053DE8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x91053F6C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x91053D0E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x91053E8C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x91053D58] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x91053F26] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0x90F10A1E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x9104A15E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueueApcThreadEx [0x91049E9A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x91048620] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x9104866E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetContextThread [0x9104974A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x91048276] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x91048426] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x910483CC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendProcess [0x91049A2C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSuspendThread [0x91049B88] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x91048496] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwTerminateProcess [0x90F10AE8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwTerminateThread [0x910495CA] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x910486BC] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwWriteVirtualMemory [0x90F10954] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x90F28744] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 830813C9 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830BAD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 830C1D80 4 Bytes [36, 85, 04, 91] {TEST SS:[ECX+EDX*4], EAX} .text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 830C1DA8 4 Bytes [BA, 07, F1, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 1153 830C1E08 4 Bytes [52, 8F, 04, 91] {PUSH EDX; POP DWORD [ECX+EDX*4]} .text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 830C1E5C 8 Bytes [7A, 3D, 05, 91, C6, 3D, 05, ...] {JP 0x3f; ADD EAX, 0x53dc691; XCHG ECX, EAX} .text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 830C1E68 4 Bytes [48, 3F, 05, 91] .text ... PAGE ntkrnlpa.exe!ObMakeTemporaryObject 8324EC64 5 Bytes JMP 90F2561C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject + 27 83267290 5 Bytes JMP 90F27116 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 8327C3D7 4 Bytes CALL 9104A959 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 832961E0 4 Bytes CALL 9104A96F \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 8332011A 3 Bytes JMP 90F28748 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx + 4 8332011E 3 Bytes [0D, CC, CC] .text peauth.sys A3163C9D 28 Bytes CALL D89A7232 .text peauth.sys A3163CC1 28 Bytes CALL D89A7256 .text kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text user32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes [E9, 0A, 5C, 3B, 8A] {JMP 0xffffffff8a3b5c0f} .text user32.dll!UnhookWinEvent 75E6B750 5 Bytes [E9, A7, 4C, 3B, 8A] {JMP 0xffffffff8a3b4cac} .text user32.dll!SetWindowsHookExW 75E6E30C 5 Bytes [E9, F3, 24, 3B, 8A] {JMP 0xffffffff8a3b24f8} .text user32.dll!SetWinEventHook 75E724DC 5 Bytes [E9, 17, DD, 3A, 8A] {JMP 0xffffffff8a3add1c} .text user32.dll!SetWindowsHookExA 75E96D0C 5 Bytes [E9, EF, 98, 38, 8A] {JMP 0xffffffff8a3898f4} ---- User code sections - GMER 1.0.15 ---- .text C:\Windows\system32\Dwm.exe[332] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000A03FC .text C:\Windows\system32\Dwm.exe[332] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000A01F8 .text C:\Windows\system32\Dwm.exe[332] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\Dwm.exe[332] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 000C0A08 .text C:\Windows\system32\Dwm.exe[332] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 000C03FC .text C:\Windows\system32\Dwm.exe[332] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 000C0804 .text C:\Windows\system32\Dwm.exe[332] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 000C01F8 .text C:\Windows\system32\Dwm.exe[332] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 000C0600 .text C:\Windows\system32\csrss.exe[476] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\taskhost.exe[536] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000503FC .text C:\Windows\system32\taskhost.exe[536] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000501F8 .text C:\Windows\system32\taskhost.exe[536] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\taskhost.exe[536] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 000F0A08 .text C:\Windows\system32\taskhost.exe[536] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 000F03FC .text C:\Windows\system32\taskhost.exe[536] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 000F0804 .text C:\Windows\system32\taskhost.exe[536] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 000F01F8 .text C:\Windows\system32\taskhost.exe[536] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 000F0600 .text C:\Windows\system32\wininit.exe[540] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\csrss.exe[548] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\services.exe[600] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\lsass.exe[608] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\Explorer.EXE[612] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\Explorer.EXE[612] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\Explorer.EXE[612] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\Explorer.EXE[612] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00120A08 .text C:\Windows\Explorer.EXE[612] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001203FC .text C:\Windows\Explorer.EXE[612] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00120804 .text C:\Windows\Explorer.EXE[612] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001201F8 .text C:\Windows\Explorer.EXE[612] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00120600 .text C:\Windows\system32\lsm.exe[616] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\winlogon.exe[676] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\System32\svchost.exe[740] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\System32\svchost.exe[740] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\System32\svchost.exe[740] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\System32\svchost.exe[740] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00350A08 .text C:\Windows\System32\svchost.exe[740] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 003503FC .text C:\Windows\System32\svchost.exe[740] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00350804 .text C:\Windows\System32\svchost.exe[740] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 003501F8 .text C:\Windows\System32\svchost.exe[740] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00350600 .text C:\Windows\system32\svchost.exe[772] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\nvvsvc.exe[852] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[892] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\System32\svchost.exe[988] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\System32\svchost.exe[1024] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text ... .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\System32\svchost.exe[1120] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\System32\svchost.exe[1120] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\AUDIODG.EXE[1164] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[1232] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000703FC .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000701F8 .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00100A08 .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001003FC .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00100804 .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001001F8 .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1268] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00100600 .text C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe[1340] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[1400] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1456] kernel32.dll!SetUnhandledExceptionFilter 76BCF4FB 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1456] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\nvvsvc.exe[1464] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\taskeng.exe[1588] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\system32\taskeng.exe[1588] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\system32\taskeng.exe[1588] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\taskeng.exe[1588] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 000F0A08 .text C:\Windows\system32\taskeng.exe[1588] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 000F03FC .text C:\Windows\system32\taskeng.exe[1588] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 000F0804 .text C:\Windows\system32\taskeng.exe[1588] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 000F01F8 .text C:\Windows\system32\taskeng.exe[1588] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 000F0600 .text C:\Windows\System32\spoolsv.exe[1776] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\System32\spoolsv.exe[1776] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\System32\spoolsv.exe[1776] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\System32\spoolsv.exe[1776] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00140A08 .text C:\Windows\System32\spoolsv.exe[1776] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001403FC .text C:\Windows\System32\spoolsv.exe[1776] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00140804 .text C:\Windows\System32\spoolsv.exe[1776] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001401F8 .text C:\Windows\System32\spoolsv.exe[1776] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00140600 .text C:\Windows\system32\svchost.exe[1900] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\system32\svchost.exe[1900] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\system32\svchost.exe[1900] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[1900] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00140A08 .text C:\Windows\system32\svchost.exe[1900] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001403FC .text C:\Windows\system32\svchost.exe[1900] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00140804 .text C:\Windows\system32\svchost.exe[1900] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001401F8 .text C:\Windows\system32\svchost.exe[1900] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00140600 .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 001603FC .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 001601F8 .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00300A08 .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 003003FC .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00300804 .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 003001F8 .text C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe[2008] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00300600 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000503FC .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000501F8 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00070A08 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 000703FC .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00070804 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 000701F8 .text C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe[2056] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00070600 .text C:\Windows\system32\SearchIndexer.exe[2152] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\system32\SearchIndexer.exe[2152] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\system32\SearchIndexer.exe[2152] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\SearchIndexer.exe[2152] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00100A08 .text C:\Windows\system32\SearchIndexer.exe[2152] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001003FC .text C:\Windows\system32\SearchIndexer.exe[2152] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00100804 .text C:\Windows\system32\SearchIndexer.exe[2152] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001001F8 .text C:\Windows\system32\SearchIndexer.exe[2152] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00100600 .text C:\Program Files\Last.fm\LastFM.exe[2160] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 001603FC .text C:\Program Files\Last.fm\LastFM.exe[2160] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 001601F8 .text C:\Program Files\Last.fm\LastFM.exe[2160] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Last.fm\LastFM.exe[2160] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 003B0A08 .text C:\Program Files\Last.fm\LastFM.exe[2160] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 003B03FC .text C:\Program Files\Last.fm\LastFM.exe[2160] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 003B0804 .text C:\Program Files\Last.fm\LastFM.exe[2160] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 003B01F8 .text C:\Program Files\Last.fm\LastFM.exe[2160] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 003B0600 .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 001603FC .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 001601F8 .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00220A08 .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 002203FC .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00220804 .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 002201F8 .text C:\Users\Dom\Desktop\e7msh5dp.exe[2256] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00220600 .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000A03FC .text C:\Windows\system32\svchost.exe[2316] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000A01F8 .text C:\Windows\system32\svchost.exe[2316] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[2336] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\system32\svchost.exe[2336] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\system32\svchost.exe[2336] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[2336] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00600A08 .text C:\Windows\system32\svchost.exe[2336] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 006003FC .text C:\Windows\system32\svchost.exe[2336] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00600804 .text C:\Windows\system32\svchost.exe[2336] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 006001F8 .text C:\Windows\system32\svchost.exe[2336] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00600600 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00200A08 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 002003FC .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00200804 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 002001F8 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[2392] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00200600 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00180A08 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001803FC .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00180804 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001801F8 .text C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe[2572] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00180600 .text C:\Windows\system32\svchost.exe[2724] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\system32\svchost.exe[2724] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\system32\svchost.exe[2724] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[2724] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00670A08 .text C:\Windows\system32\svchost.exe[2724] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 006703FC .text C:\Windows\system32\svchost.exe[2724] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00670804 .text C:\Windows\system32\svchost.exe[2724] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 006701F8 .text C:\Windows\system32\svchost.exe[2724] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00670600 .text C:\Windows\system32\svchost.exe[2900] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\system32\svchost.exe[2900] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\system32\svchost.exe[2900] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\svchost.exe[2900] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 001E0A08 .text C:\Windows\system32\svchost.exe[2900] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001E03FC .text C:\Windows\system32\svchost.exe[2900] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 001E0804 .text C:\Windows\system32\svchost.exe[2900] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001E01F8 .text C:\Windows\system32\svchost.exe[2900] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 001E0600 .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 001603FC .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 001601F8 .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00200A08 .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 002003FC .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00200804 .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 002001F8 .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[3224] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00200600 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00140A08 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001403FC .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00140804 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001401F8 .text C:\Program Files\Windows Media Player\wmpnetwk.exe[3324] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00140600 .text C:\Program Files\AVAST Software\Avast\AvastUI.exe[3456] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 6791B52A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 76BC93D6 7 Bytes JMP 67BCB6D2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] kernel32.dll!QueryPerformanceCounter + 13 76BCC435 7 Bytes JMP 67BCB6F5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 001F0A08 .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001F03FC .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 001F0804 .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001F01F8 .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 001F0600 .text C:\Program Files\Mozilla Firefox\firefox.exe[3632] GDI32.dll!GetViewportOrgEx + 26C 75B1884B 7 Bytes JMP 67BCB653 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 001703FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 001701F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00210A08 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 002103FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00210804 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 002101F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3724] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00210600 .text C:\Program Files\Pidgin\pidgin.exe[3732] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 002503FC .text C:\Program Files\Pidgin\pidgin.exe[3732] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 002501F8 .text C:\Program Files\Pidgin\pidgin.exe[3732] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Pidgin\pidgin.exe[3732] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 002F0A08 .text C:\Program Files\Pidgin\pidgin.exe[3732] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 002F03FC .text C:\Program Files\Pidgin\pidgin.exe[3732] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 002F0804 .text C:\Program Files\Pidgin\pidgin.exe[3732] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 002F01F8 .text C:\Program Files\Pidgin\pidgin.exe[3732] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 002F0600 .text C:\Windows\system32\wbem\wmiprvse.exe[3856] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 000603FC .text C:\Windows\system32\wbem\wmiprvse.exe[3856] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 000601F8 .text C:\Windows\system32\wbem\wmiprvse.exe[3856] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Windows\system32\wbem\wmiprvse.exe[3856] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 00100A08 .text C:\Windows\system32\wbem\wmiprvse.exe[3856] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001003FC .text C:\Windows\system32\wbem\wmiprvse.exe[3856] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 00100804 .text C:\Windows\system32\wbem\wmiprvse.exe[3856] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001001F8 .text C:\Windows\system32\wbem\wmiprvse.exe[3856] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 00100600 .text C:\Program Files\Winamp\winamp.exe[3992] ntdll.dll!LdrUnloadDll 7721C86E 5 Bytes JMP 001603FC .text C:\Program Files\Winamp\winamp.exe[3992] ntdll.dll!LdrLoadDll 7722223E 5 Bytes JMP 001601F8 .text C:\Program Files\Winamp\winamp.exe[3992] kernel32.dll!GetBinaryTypeW + 70 76BE69F4 1 Byte [62] .text C:\Program Files\Winamp\winamp.exe[3992] USER32.dll!UnhookWindowsHookEx 75E6ADF9 5 Bytes JMP 001F0A08 .text C:\Program Files\Winamp\winamp.exe[3992] USER32.dll!UnhookWinEvent 75E6B750 5 Bytes JMP 001F03FC .text C:\Program Files\Winamp\winamp.exe[3992] USER32.dll!SetWindowsHookExW 75E6E30C 5 Bytes JMP 001F0804 .text C:\Program Files\Winamp\winamp.exe[3992] USER32.dll!SetWinEventHook 75E724DC 5 Bytes JMP 001F01F8 .text C:\Program Files\Winamp\winamp.exe[3992] USER32.dll!SetWindowsHookExA 75E96D0C 5 Bytes JMP 001F0600 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73FC24CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73FA562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73FA56EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73FC2546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73FB85AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73FB4D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73FB5105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73FB51DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [73FB6707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73FB8301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73FB8850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73FB90B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73FBE254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[612] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73FB4C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1456] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [72F8F6D0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software) IAT C:\Program Files\AVAST Software\Avast\AvastUI.exe[3456] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [72F8F6D0] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (Common functions/AVAST Software) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) Device \Driver\ACPI_HAL \Device\00000048 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) ---- EOF - GMER 1.0.15 ----

OLT:

Kod: Zaznacz wszystko: OTL logfile created on: 2012-08-13 21:55:05 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Dom\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 61,13% Memory free 6,50 Gb Paging File | 5,10 Gb Available in Paging File | 78,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78,12 Gb Total Space | 26,78 Gb Free Space | 34,28% Space Free | Partition Type: NTFS Drive D: | 193,36 Gb Total Space | 19,02 Gb Free Space | 9,84% Space Free | Partition Type: NTFS Drive E: | 194,18 Gb Total Space | 36,21 Gb Free Space | 18,65% Space Free | Partition Type: NTFS Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-13 21:39:31 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe PRC - [2012-07-19 08:04:53 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-07-03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-07-03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-12-15 01:50:54 | 000,049,340 | ---- | M] (The Pidgin developer community) -- C:\Program Files\Pidgin\pidgin.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-03-22 20:38:10 | 001,596,032 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winamp.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-10-27 21:21:54 | 001,155,072 | ---- | M] (Last.fm) -- C:\Program Files\Last.fm\LastFM.exe PRC - [2010-10-08 02:03:40 | 000,792,168 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2009-10-07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-08-13 21:36:21 | 000,257,024 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\winamp.lng MOD - [2012-08-13 21:36:21 | 000,161,792 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\vis_milk2.lng MOD - [2012-08-13 21:36:21 | 000,087,552 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\vis_avs.lng MOD - [2012-08-13 21:36:21 | 000,054,272 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_local.lng MOD - [2012-08-13 21:36:21 | 000,047,616 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_disc.lng MOD - [2012-08-13 21:36:21 | 000,046,080 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_pmp.lng MOD - [2012-08-13 21:36:21 | 000,041,984 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\pmp_wifi.lng MOD - [2012-08-13 21:36:21 | 000,036,864 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ombrowser.lng MOD - [2012-08-13 21:36:21 | 000,016,896 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\out_ds.lng MOD - [2012-08-13 21:36:21 | 000,014,336 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_wire.lng MOD - [2012-08-13 21:36:21 | 000,014,336 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_online.lng MOD - [2012-08-13 21:36:21 | 000,013,312 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_playlists.lng MOD - [2012-08-13 21:36:21 | 000,012,800 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_plg.lng MOD - [2012-08-13 21:36:21 | 000,010,752 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\pmp_usb.lng MOD - [2012-08-13 21:36:21 | 000,010,752 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\pmp_android.lng MOD - [2012-08-13 21:36:21 | 000,009,216 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_downloads.lng MOD - [2012-08-13 21:36:21 | 000,008,704 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_history.lng MOD - [2012-08-13 21:36:21 | 000,008,704 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_devices.lng MOD - [2012-08-13 21:36:21 | 000,008,192 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_transcode.lng MOD - [2012-08-13 21:36:21 | 000,007,680 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\vis_nsfs.lng MOD - [2012-08-13 21:36:21 | 000,007,168 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\out_wave.lng MOD - [2012-08-13 21:36:21 | 000,006,656 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\pmp_ipod.lng MOD - [2012-08-13 21:36:21 | 000,006,144 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\tagz.lng MOD - [2012-08-13 21:36:21 | 000,006,144 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\out_disk.lng MOD - [2012-08-13 21:36:21 | 000,005,632 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_rg.lng MOD - [2012-08-13 21:36:21 | 000,005,120 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_impex.lng MOD - [2012-08-13 21:36:21 | 000,005,120 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_bookmarks.lng MOD - [2012-08-13 21:36:21 | 000,004,608 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\pmp_activesync.lng MOD - [2012-08-13 21:36:21 | 000,004,096 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\pmp_p4s.lng MOD - [2012-08-13 21:36:21 | 000,004,096 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_orb.lng MOD - [2012-08-13 21:36:21 | 000,003,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\winampa.lng MOD - [2012-08-13 21:36:21 | 000,003,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\pmp_njb.lng MOD - [2012-08-13 21:36:21 | 000,003,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_nowplaying.lng MOD - [2012-08-13 21:36:21 | 000,003,072 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\playlist.lng MOD - [2012-08-13 21:36:20 | 000,022,528 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_mp3.lng MOD - [2012-08-13 21:36:20 | 000,020,992 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_midi.lng MOD - [2012-08-13 21:36:20 | 000,018,432 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_mod.lng MOD - [2012-08-13 21:36:20 | 000,014,848 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_wm.lng MOD - [2012-08-13 21:36:20 | 000,013,312 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_cdda.lng MOD - [2012-08-13 21:36:20 | 000,011,264 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_vorbis.lng MOD - [2012-08-13 21:36:20 | 000,011,264 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_nsv.lng MOD - [2012-08-13 21:36:20 | 000,007,168 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_autotag.lng MOD - [2012-08-13 21:36:20 | 000,007,168 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_dshow.lng MOD - [2012-08-13 21:36:20 | 000,006,144 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_flac.lng MOD - [2012-08-13 21:36:20 | 000,005,632 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_wave.lng MOD - [2012-08-13 21:36:20 | 000,004,608 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_mp4.lng MOD - [2012-08-13 21:36:20 | 000,004,608 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_mkv.lng MOD - [2012-08-13 21:36:20 | 000,003,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\ml_addons.lng MOD - [2012-08-13 21:36:20 | 000,003,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_swf.lng MOD - [2012-08-13 21:36:20 | 000,003,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_linein.lng MOD - [2012-08-13 21:36:20 | 000,003,584 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_flv.lng MOD - [2012-08-13 21:36:19 | 000,066,560 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\burnlib.lng MOD - [2012-08-13 21:36:19 | 000,040,448 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\gen_jumpex.lng MOD - [2012-08-13 21:36:19 | 000,022,016 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\gen_ff.lng MOD - [2012-08-13 21:36:19 | 000,021,504 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\gen_ml.lng MOD - [2012-08-13 21:36:19 | 000,012,800 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\dsp_sps.lng MOD - [2012-08-13 21:36:19 | 000,011,264 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\gen_hotkeys.lng MOD - [2012-08-13 21:36:19 | 000,011,264 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\auth.lng MOD - [2012-08-13 21:36:19 | 000,010,240 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\enc_aacplus.lng MOD - [2012-08-13 21:36:19 | 000,007,680 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\gen_tray.lng MOD - [2012-08-13 21:36:19 | 000,007,168 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\gen_orgler.lng MOD - [2012-08-13 21:36:19 | 000,007,168 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\gen_crasher.lng MOD - [2012-08-13 21:36:19 | 000,006,144 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\enc_wma.lng MOD - [2012-08-13 21:36:19 | 000,005,632 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\enc_lame.lng MOD - [2012-08-13 21:36:19 | 000,005,120 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\in_avi.lng MOD - [2012-08-13 21:36:19 | 000,004,096 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\enc_wav.lng MOD - [2012-08-13 21:36:19 | 000,004,096 | ---- | M] () -- C:\Users\Dom\AppData\Local\Temp\WLZCB3A.tmp\enc_flac.lng MOD - [2012-07-19 08:04:53 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-03-01 13:21:18 | 000,219,305 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpng14-14.dll MOD - [2012-03-01 13:21:18 | 000,095,189 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libpangocairo-1.0-0.dll MOD - [2012-03-01 13:21:18 | 000,090,496 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll MOD - [2012-03-01 13:21:18 | 000,055,808 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\zlib1.dll MOD - [2012-03-01 13:21:17 | 000,904,525 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libcairo-2.dll MOD - [2012-03-01 13:21:17 | 000,535,264 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\freetype6.dll MOD - [2012-03-01 13:21:17 | 000,482,872 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libgio-2.0-0.dll MOD - [2012-03-01 13:21:17 | 000,279,059 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libfontconfig-1.dll MOD - [2012-03-01 13:21:17 | 000,143,096 | ---- | M] () -- C:\Program Files\Pidgin\Gtk\bin\libexpat-1.dll MOD - [2011-12-15 01:50:58 | 000,063,229 | ---- | M] () -- C:\Program Files\Pidgin\plugins\spellchk.dll MOD - [2011-12-15 01:50:58 | 000,036,068 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppdisco.dll MOD - [2011-12-15 01:50:58 | 000,030,333 | ---- | M] () -- C:\Program Files\Pidgin\plugins\xmppconsole.dll MOD - [2011-12-15 01:50:58 | 000,024,487 | ---- | M] () -- C:\Program Files\Pidgin\plugins\themeedit.dll MOD - [2011-12-15 01:50:58 | 000,024,106 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ticker.dll MOD - [2011-12-15 01:50:58 | 000,023,455 | ---- | M] () -- C:\Program Files\Pidgin\plugins\winprefs.dll MOD - [2011-12-15 01:50:58 | 000,023,390 | ---- | M] () -- C:\Program Files\Pidgin\plugins\pidginrc.dll MOD - [2011-12-15 01:50:58 | 000,022,901 | ---- | M] () -- C:\Program Files\Pidgin\plugins\win2ktrans.dll MOD - [2011-12-15 01:50:58 | 000,019,854 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl-nss.dll MOD - [2011-12-15 01:50:58 | 000,017,951 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp_format.dll MOD - [2011-12-15 01:50:58 | 000,013,589 | ---- | M] () -- C:\Program Files\Pidgin\plugins\timestamp.dll MOD - [2011-12-15 01:50:58 | 000,010,624 | ---- | M] () -- C:\Program Files\Pidgin\plugins\statenotify.dll MOD - [2011-12-15 01:50:58 | 000,010,203 | ---- | M] () -- C:\Program Files\Pidgin\plugins\sendbutton.dll MOD - [2011-12-15 01:50:58 | 000,010,075 | ---- | M] () -- C:\Program Files\Pidgin\plugins\relnot.dll MOD - [2011-12-15 01:50:58 | 000,010,026 | ---- | M] () -- C:\Program Files\Pidgin\plugins\psychic.dll MOD - [2011-12-15 01:50:58 | 000,007,162 | ---- | M] () -- C:\Program Files\Pidgin\plugins\ssl.dll MOD - [2011-12-15 01:50:56 | 000,301,681 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmsn.dll MOD - [2011-12-15 01:50:56 | 000,184,224 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libgg.dll MOD - [2011-12-15 01:50:56 | 000,149,384 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsilc.dll MOD - [2011-12-15 01:50:56 | 000,121,476 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmxit.dll MOD - [2011-12-15 01:50:56 | 000,096,443 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsametime.dll MOD - [2011-12-15 01:50:56 | 000,092,138 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libnovell.dll MOD - [2011-12-15 01:50:56 | 000,088,548 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libmyspace.dll MOD - [2011-12-15 01:50:56 | 000,079,922 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libirc.dll MOD - [2011-12-15 01:50:56 | 000,045,348 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libsimple.dll MOD - [2011-12-15 01:50:56 | 000,039,509 | ---- | M] () -- C:\Program Files\Pidgin\plugins\log_reader.dll MOD - [2011-12-15 01:50:56 | 000,022,335 | ---- | M] () -- C:\Program Files\Pidgin\plugins\notify.dll MOD - [2011-12-15 01:50:56 | 000,018,502 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoo.dll MOD - [2011-12-15 01:50:56 | 000,017,519 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libxmpp.dll MOD - [2011-12-15 01:50:56 | 000,014,951 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libyahoojp.dll MOD - [2011-12-15 01:50:56 | 000,014,905 | ---- | M] () -- C:\Program Files\Pidgin\plugins\markerline.dll MOD - [2011-12-15 01:50:56 | 000,011,669 | ---- | M] () -- C:\Program Files\Pidgin\plugins\offlinemsg.dll MOD - [2011-12-15 01:50:56 | 000,011,163 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libicq.dll MOD - [2011-12-15 01:50:56 | 000,009,126 | ---- | M] () -- C:\Program Files\Pidgin\plugins\newline.dll MOD - [2011-12-15 01:50:54 | 000,194,434 | ---- | M] () -- C:\Program Files\Pidgin\libymsg.dll MOD - [2011-12-15 01:50:54 | 000,073,584 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libbonjour.dll MOD - [2011-12-15 01:50:54 | 000,019,058 | ---- | M] () -- C:\Program Files\Pidgin\plugins\convcolors.dll MOD - [2011-12-15 01:50:54 | 000,014,574 | ---- | M] () -- C:\Program Files\Pidgin\plugins\autoaccept.dll MOD - [2011-12-15 01:50:54 | 000,013,528 | ---- | M] () -- C:\Program Files\Pidgin\plugins\history.dll MOD - [2011-12-15 01:50:54 | 000,012,665 | ---- | M] () -- C:\Program Files\Pidgin\plugins\idle.dll MOD - [2011-12-15 01:50:54 | 000,012,177 | ---- | M] () -- C:\Program Files\Pidgin\plugins\joinpart.dll MOD - [2011-12-15 01:50:54 | 000,010,860 | ---- | M] () -- C:\Program Files\Pidgin\plugins\extplacement.dll MOD - [2011-12-15 01:50:54 | 000,010,232 | ---- | M] () -- C:\Program Files\Pidgin\plugins\libaim.dll MOD - [2011-12-15 01:50:54 | 000,008,793 | ---- | M] () -- C:\Program Files\Pidgin\plugins\gtkbuddynote.dll MOD - [2011-12-15 01:50:54 | 000,007,899 | ---- | M] () -- C:\Program Files\Pidgin\plugins\buddynote.dll MOD - [2011-12-15 01:50:54 | 000,007,511 | ---- | M] () -- C:\Program Files\Pidgin\plugins\iconaway.dll MOD - [2011-12-15 01:50:50 | 000,338,072 | ---- | M] () -- C:\Program Files\Pidgin\libjabber.dll MOD - [2011-12-15 01:50:50 | 000,256,017 | ---- | M] () -- C:\Program Files\Pidgin\liboscar.dll MOD - [2011-12-15 01:50:40 | 000,582,656 | ---- | M] () -- C:\Program Files\Pidgin\exchndl.dll MOD - [2011-12-15 01:50:40 | 000,475,580 | ---- | M] () -- C:\Program Files\Pidgin\spellcheck\libgtkspell-0.dll MOD - [2011-12-15 01:48:28 | 000,417,501 | ---- | M] () -- C:\Program Files\Pidgin\sqlite3.dll MOD - [2011-12-15 01:48:24 | 002,719,062 | ---- | M] () -- C:\Program Files\Pidgin\libsilc-1-1-2.dll MOD - [2011-12-15 01:48:24 | 001,206,642 | ---- | M] () -- C:\Program Files\Pidgin\libsilcclient-1-1-2.dll MOD - [2011-12-15 01:48:24 | 000,173,805 | ---- | M] () -- C:\Program Files\Pidgin\libmeanwhile-1.dll MOD - [2011-12-15 01:48:12 | 001,213,633 | ---- | M] () -- C:\Program Files\Pidgin\libxml2-2.dll MOD - [2011-06-22 00:39:10 | 000,623,616 | ---- | M] () -- C:\Program Files\Winamp\System\jnetlib.w5s MOD - [2011-06-22 00:39:10 | 000,174,080 | ---- | M] () -- C:\Program Files\Winamp\System\auth.w5s MOD - [2011-06-22 00:39:10 | 000,154,624 | ---- | M] () -- C:\Program Files\Winamp\System\jpeg.w5s MOD - [2011-06-22 00:39:10 | 000,103,936 | ---- | M] () -- C:\Program Files\Winamp\System\png.w5s MOD - [2011-06-22 00:39:10 | 000,090,112 | ---- | M] () -- C:\Program Files\Winamp\System\xml.w5s MOD - [2011-06-22 00:39:10 | 000,084,480 | ---- | M] () -- C:\Program Files\Winamp\System\playlist.w5s MOD - [2011-06-22 00:39:10 | 000,083,968 | ---- | M] () -- C:\Program Files\Winamp\tataki.dll MOD - [2011-06-22 00:39:10 | 000,047,616 | ---- | M] () -- C:\Program Files\Winamp\zlib.dll MOD - [2011-06-22 00:39:10 | 000,044,544 | ---- | M] () -- C:\Program Files\Winamp\System\devices.w5s MOD - [2011-06-22 00:39:10 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\System\timer.w5s MOD - [2011-06-22 00:39:10 | 000,021,504 | ---- | M] () -- C:\Program Files\Winamp\System\tagz.w5s MOD - [2011-06-22 00:39:10 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\gif.w5s MOD - [2011-06-22 00:39:10 | 000,019,456 | ---- | M] () -- C:\Program Files\Winamp\System\bmp.w5s MOD - [2011-06-22 00:39:10 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\System\dlmgr.w5s MOD - [2011-06-22 00:39:10 | 000,016,384 | ---- | M] () -- C:\Program Files\Winamp\System\gracenote.w5s MOD - [2011-06-22 00:39:10 | 000,014,336 | ---- | M] () -- C:\Program Files\Winamp\System\filereader.w5s MOD - [2011-06-22 00:39:10 | 000,013,824 | ---- | M] () -- C:\Program Files\Winamp\System\primo.w5s MOD - [2011-06-22 00:39:09 | 001,737,728 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_ff.dll MOD - [2011-06-22 00:39:09 | 000,410,624 | ---- | M] () -- C:\Program Files\Winamp\nsutil.dll MOD - [2011-06-22 00:39:09 | 000,313,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wm.dll MOD - [2011-06-22 00:39:09 | 000,312,832 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_ml.dll MOD - [2011-06-22 00:39:09 | 000,293,888 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_local.dll MOD - [2011-06-22 00:39:09 | 000,288,768 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp3.dll MOD - [2011-06-22 00:39:09 | 000,253,440 | ---- | M] () -- C:\Program Files\Winamp\libsndfile.dll MOD - [2011-06-22 00:39:09 | 000,252,416 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_vorbis.dll MOD - [2011-06-22 00:39:09 | 000,250,368 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_devices.dll MOD - [2011-06-22 00:39:09 | 000,240,640 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_pmp.dll MOD - [2011-06-22 00:39:09 | 000,200,704 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_disc.dll MOD - [2011-06-22 00:39:09 | 000,183,808 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_jumpex.dll MOD - [2011-06-22 00:39:09 | 000,171,008 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_ipod.dll MOD - [2011-06-22 00:39:09 | 000,165,376 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mod.dll MOD - [2011-06-22 00:39:09 | 000,136,192 | ---- | M] () -- C:\Program Files\Winamp\libFLAC.dll MOD - [2011-06-22 00:39:09 | 000,126,464 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_online.dll MOD - [2011-06-22 00:39:09 | 000,118,272 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_p4s.dll MOD - [2011-06-22 00:39:09 | 000,113,152 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_wifi.dll MOD - [2011-06-22 00:39:09 | 000,109,568 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_midi.dll MOD - [2011-06-22 00:39:09 | 000,102,400 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_cdda.dll MOD - [2011-06-22 00:39:09 | 000,083,456 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_plg.dll MOD - [2011-06-22 00:39:09 | 000,082,944 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_playlists.dll MOD - [2011-06-22 00:39:09 | 000,079,360 | ---- | M] () -- C:\Program Files\Winamp\nde.dll MOD - [2011-06-22 00:39:09 | 000,074,752 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_nsv.dll MOD - [2011-06-22 00:39:09 | 000,072,192 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_dshow.dll MOD - [2011-06-22 00:39:09 | 000,068,608 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_avi.dll MOD - [2011-06-22 00:39:09 | 000,060,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_android.dll MOD - [2011-06-22 00:39:09 | 000,060,928 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_flac.dll MOD - [2011-06-22 00:39:09 | 000,057,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_impex.dll MOD - [2011-06-22 00:39:09 | 000,057,344 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_orgler.dll MOD - [2011-06-22 00:39:09 | 000,053,760 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_usb.dll MOD - [2011-06-22 00:39:09 | 000,052,224 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_ds.dll MOD - [2011-06-22 00:39:09 | 000,052,224 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_history.dll MOD - [2011-06-22 00:39:09 | 000,050,688 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mp4.dll MOD - [2011-06-22 00:39:09 | 000,049,152 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_mkv.dll MOD - [2011-06-22 00:39:09 | 000,043,008 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_flv.dll MOD - [2011-06-22 00:39:09 | 000,033,792 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_rg.dll MOD - [2011-06-22 00:39:09 | 000,031,744 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_transcode.dll MOD - [2011-06-22 00:39:09 | 000,028,672 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_autotag.dll MOD - [2011-06-22 00:39:09 | 000,027,648 | ---- | M] () -- C:\Program Files\Winamp\Plugins\ml_bookmarks.dll MOD - [2011-06-22 00:39:09 | 000,027,648 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_hotkeys.dll MOD - [2011-06-22 00:39:09 | 000,025,600 | ---- | M] () -- C:\Program Files\Winamp\Plugins\gen_tray.dll MOD - [2011-06-22 00:39:09 | 000,023,552 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_swf.dll MOD - [2011-06-22 00:39:09 | 000,023,040 | ---- | M] () -- C:\Program Files\Winamp\System\albumart.w5s MOD - [2011-06-22 00:39:09 | 000,022,528 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_disk.dll MOD - [2011-06-22 00:39:09 | 000,020,480 | ---- | M] () -- C:\Program Files\Winamp\Plugins\pmp_njb.dll MOD - [2011-06-22 00:39:09 | 000,018,432 | ---- | M] () -- C:\Program Files\Winamp\Plugins\out_wave.dll MOD - [2011-06-22 00:39:09 | 000,016,896 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_wave.dll MOD - [2011-06-22 00:39:09 | 000,007,168 | ---- | M] () -- C:\Program Files\Winamp\Plugins\in_linein.dll MOD - [2010-10-27 21:23:04 | 000,106,496 | ---- | M] () -- C:\Program Files\Last.fm\srv_rtaudioplayback.dll MOD - [2010-10-27 21:22:52 | 000,057,344 | ---- | M] () -- C:\Program Files\Last.fm\ext_messengernotify.dll MOD - [2010-10-27 21:22:42 | 000,058,880 | ---- | M] () -- C:\Program Files\Last.fm\ext_skypenotify.dll MOD - [2010-10-27 21:22:08 | 000,147,456 | ---- | M] () -- C:\Program Files\Last.fm\srv_madtranscode.dll MOD - [2010-10-27 21:22:00 | 000,028,160 | ---- | M] () -- C:\Program Files\Last.fm\srv_httpinput.dll MOD - [2010-10-27 21:19:28 | 000,372,736 | ---- | M] () -- C:\Program Files\Last.fm\LastFmFingerprint1.dll MOD - [2010-10-27 21:19:06 | 000,025,088 | ---- | M] () -- C:\Program Files\Last.fm\breakpad.dll MOD - [2010-10-27 21:18:50 | 000,180,224 | ---- | M] () -- C:\Program Files\Last.fm\Moose1.dll MOD - [2010-10-27 21:18:34 | 000,540,672 | ---- | M] () -- C:\Program Files\Last.fm\LastFmTools1.dll MOD - [2010-10-27 21:13:52 | 001,382,507 | ---- | M] () -- C:\Program Files\Last.fm\libfftw3f-3.dll MOD - [2010-10-27 21:13:52 | 000,074,240 | ---- | M] () -- C:\Program Files\Last.fm\zlibwapi.dll MOD - [2008-04-16 17:42:30 | 000,376,832 | ---- | M] () -- C:\Program Files\Last.fm\QtNetwork4.dll MOD - [2008-04-16 17:42:16 | 000,524,288 | ---- | M] () -- C:\Program Files\Last.fm\QtSql4.dll MOD - [2008-04-16 17:42:02 | 006,701,056 | ---- | M] () -- C:\Program Files\Last.fm\QtGui4.dll MOD - [2008-04-16 17:36:38 | 000,376,832 | ---- | M] () -- C:\Program Files\Last.fm\QtXml4.dll MOD - [2008-04-16 17:36:34 | 001,654,784 | ---- | M] () -- C:\Program Files\Last.fm\QtCore4.dll MOD - [2008-04-02 14:26:50 | 000,233,472 | ---- | M] () -- C:\Program Files\Last.fm\imageformats\qmng4.dll MOD - [2008-04-02 14:26:34 | 000,021,504 | ---- | M] () -- C:\Program Files\Last.fm\imageformats\qgif4.dll MOD - [2008-04-02 14:26:28 | 000,135,168 | ---- | M] () -- C:\Program Files\Last.fm\imageformats\qjpeg4.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-07-19 08:04:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012-05-03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2009-10-07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Dom\AppData\Local\Temp\uxriqpow.sys -- (uxriqpow) DRV - [2012-07-03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012-07-03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012-07-03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012-07-03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012-07-03 18:21:53 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2012-07-03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2012-02-09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-10-20 08:09:03 | 000,123,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2010-02-25 18:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2009-12-22 02:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2009-10-07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009-05-05 03:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2009-05-01 00:56:30 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=HP_ss&mntrId=469738f20000000000006c626dd8a5a2 IE - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&tt=060612_7_&babsrc=SP_ss&mntrId=469738f20000000000006c626dd8a5a2 IE - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\..\SearchScopes\{C8BBAE5A-2124-4602-BE47-B9911266056F}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3 FF - prefs.js..extensions.enabledItems: {8b86149f-01fb-4842-9dd8-4d7eb02fd055}:0.22.1 FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.68 FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.7.0 FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.114 FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.18 FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426 FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.24.0.9 FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=KW_ss&mntrId=469738f20000000000006c626dd8a5a2&q=" FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dom\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-07-22 21:27:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-19 08:04:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-08-13 15:30:31 | 000,000,000 | ---D | M] [2011-06-22 00:27:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Extensions [2012-08-13 15:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\ojet6egp.default\extensions [2011-08-01 08:33:26 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\ojet6egp.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055} [2012-02-01 21:06:31 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\ojet6egp.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3} [2012-06-28 12:09:04 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\ojet6egp.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012-08-02 21:37:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\ojet6egp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-02-10 15:28:32 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\ojet6egp.default\extensions\DeviceDetection@logitech.com [2012-04-11 12:07:35 | 000,000,000 | ---D | M] ("FoxFilter") -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\ojet6egp.default\extensions\foxfilter@inspiredeffect.net [2011-06-22 01:44:11 | 000,002,055 | ---- | M] () -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\ojet6egp.default\searchplugins\daemon-search.xml [2012-04-12 21:03:08 | 000,006,942 | ---- | M] () -- C:\Users\Dom\AppData\Roaming\Mozilla\Firefox\Profiles\ojet6egp.default\searchplugins\wyszukiwarka-onetpl.xml [2012-05-31 18:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-07-22 14:30:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-07-16 12:34:04 | 000,457,304 | ---- | M] () (No name found) -- C:\USERS\DOM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OJET6EGP.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}.XPI [2012-07-19 08:04:53 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-03-22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-19 00:03:41 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-06-07 12:56:33 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-06-19 00:03:41 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-06-19 00:03:41 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-06-19 00:03:41 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-06-19 00:03:41 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-06-19 00:03:41 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=HP_ss&mntrId=469738f20000000000006c626dd8a5a2 CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: http://search.babylon.com/?affID=112555&tt=060612_7_&babsrc=HP_ss&mntrId=469738f20000000000006c626dd8a5a2 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dom\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - Extension: Entanglement = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\ CHR - Extension: Angry Birds = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Pasjans/Solitaire = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.4.0.7_0\ CHR - Extension: Szukaj w Google = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Pirates: Tides of Fortune = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlmofcgpnpnhlbkgbpenbecfboohcka\0.88_0\ CHR - Extension: Pixlr-o-matic = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.2_0\ CHR - Extension: Chain Reaction = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa\1.2_0\ CHR - Extension: AdBlock = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\ CHR - Extension: avast! WebRep = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\ CHR - Extension: Gmail = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKU\S-1-5-21-269908403-4107780238-3698953934-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-269908403-4107780238-3698953934-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 89.231.1.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53A1DA1E-26A4-42B8-8D39-7EACFC4591F3}: DhcpNameServer = 217.172.224.160 89.231.1.206 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-13 21:39:29 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe [2012-08-13 21:38:11 | 000,675,896 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\Dom\Desktop\SPTDinst-v181-x86.exe [2012-08-13 21:20:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012-08-13 21:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012-08-13 21:18:22 | 148,981,624 | ---- | C] (AVG Technologies) -- C:\Users\Dom\Desktop\avg_free_x86_all_2012_2197a5126.exe [2012-08-13 20:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-08-13 20:20:09 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-08-13 20:20:01 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012-08-13 20:20:01 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012-08-13 20:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-08-13 20:11:43 | 021,055,472 | ---- | C] (Oracle Corporation) -- C:\Users\Dom\Desktop\jre-7u5-windows-i586.exe [2012-08-13 18:57:05 | 000,893,936 | ---- | C] (Oracle Corporation) -- C:\Users\Dom\Desktop\jxpiinstall.exe [2012-08-10 07:46:38 | 000,000,000 | -HSD | C] -- C:\found.000 [2012-08-09 22:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities [2012-08-09 22:09:31 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\Windows\System32\wbocx.ocx [2012-08-09 22:09:31 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unicows.dll [2012-08-09 22:09:31 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\System32\wbhelp2.dll [2012-08-09 22:09:31 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\Windows\System32\anim.dll [2012-08-09 22:09:31 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\W95INF32.DLL [2012-08-09 22:09:31 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\W95INF16.DLL [2012-08-09 22:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinUtilities [2012-08-09 20:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA [2012-08-09 20:30:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO [2012-08-09 20:25:50 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-08-09 20:25:50 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll [2012-08-09 20:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite [2012-08-09 20:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs [2012-08-09 20:02:39 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\NCH Software [2012-08-09 20:02:12 | 000,521,312 | ---- | C] (NCH Software) -- C:\Users\Dom\Desktop\switchsetup.exe [2012-07-22 21:24:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-07-22 19:30:49 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Ubisoft Game Launcher [2012-07-22 19:17:42 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2012-07-22 19:01:49 | 000,000,000 | -H-D | C] -- C:\Users\Dom\InstallAnywhere [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-13 21:40:02 | 000,014,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-13 21:40:02 | 000,014,768 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-13 21:39:31 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Desktop\OTL.exe [2012-08-13 21:39:19 | 000,302,592 | ---- | M] () -- C:\Users\Dom\Desktop\e7msh5dp.exe [2012-08-13 21:38:12 | 000,675,896 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\Dom\Desktop\SPTDinst-v181-x86.exe [2012-08-13 21:34:52 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-13 21:34:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-13 21:34:38 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys [2012-08-13 21:21:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-13 21:20:02 | 148,981,624 | ---- | M] (AVG Technologies) -- C:\Users\Dom\Desktop\avg_free_x86_all_2012_2197a5126.exe [2012-08-13 21:04:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-269908403-4107780238-3698953934-1000UA.job [2012-08-13 20:19:57 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-08-13 20:19:57 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012-08-13 20:19:57 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012-08-13 20:11:58 | 021,055,472 | ---- | M] (Oracle Corporation) -- C:\Users\Dom\Desktop\jre-7u5-windows-i586.exe [2012-08-13 18:57:18 | 000,893,936 | ---- | M] (Oracle Corporation) -- C:\Users\Dom\Desktop\jxpiinstall.exe [2012-08-13 18:51:04 | 248,979,407 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012-08-13 18:23:53 | 000,737,464 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-08-13 18:23:53 | 000,651,672 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-08-13 18:23:53 | 000,154,152 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-08-13 18:23:53 | 000,120,604 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-08-13 16:22:10 | 000,309,824 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat [2012-08-11 15:52:09 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012-08-09 20:58:05 | 000,010,736 | ---- | M] () -- C:\bootsqm.dat [2012-08-09 20:25:50 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll [2012-08-09 20:25:50 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll [2012-08-09 20:02:41 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk [2012-08-09 20:02:13 | 000,521,312 | ---- | M] (NCH Software) -- C:\Users\Dom\Desktop\switchsetup.exe [2012-08-09 13:04:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-269908403-4107780238-3698953934-1000Core.job [2012-08-06 01:32:17 | 000,000,218 | ---- | M] () -- C:\Users\Dom\.recently-used.xbel [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-13 21:39:18 | 000,302,592 | ---- | C] () -- C:\Users\Dom\Desktop\e7msh5dp.exe [2012-08-13 18:51:04 | 248,979,407 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012-08-09 22:09:31 | 000,000,439 | ---- | C] () -- C:\Windows\System32\shfolder.inf [2012-08-09 20:58:05 | 000,010,736 | ---- | C] () -- C:\bootsqm.dat [2012-08-09 20:26:50 | 000,309,824 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat [2012-08-09 20:02:41 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter.lnk [2012-08-09 20:02:41 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Switch Sound File Converter.lnk [2012-08-06 01:32:17 | 000,000,218 | ---- | C] () -- C:\Users\Dom\.recently-used.xbel [2012-05-21 20:30:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2012-04-22 21:19:58 | 000,004,096 | -H-- | C] () -- C:\Users\Dom\AppData\Local\keyfile3.drm [2012-03-05 01:40:53 | 000,003,048 | ---- | C] () -- C:\Windows\System32\EasyRedirect.ini [2012-03-05 01:40:53 | 000,001,728 | ---- | C] () -- C:\Windows\System32\EasyRedirectOff.ini [2012-02-10 15:32:27 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2011-10-14 17:06:57 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011-06-22 18:17:18 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2011-06-22 16:34:57 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-06-22 16:34:56 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2011-06-22 01:50:23 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini [2011-06-21 15:13:55 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010-10-20 08:09:03 | 000,007,282 | ---- | C] () -- C:\Windows\cadx2.ini [color=#E56717]========== LOP Check ==========[/color] [2012-08-13 21:57:52 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\.purple [2011-06-22 18:13:10 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ACD Systems [2012-06-07 12:56:27 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Babylon [2012-02-10 21:09:15 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\calibre [2012-08-07 17:35:57 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DAEMON Tools Lite [2012-01-21 14:20:30 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Dropbox [2012-03-19 16:00:15 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Firefly Studios [2011-06-22 00:44:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu [2012-04-21 19:06:57 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10 [2011-09-06 15:21:00 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GHISLER [2012-08-05 22:07:03 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\gtk-2.0 [2012-02-10 15:33:19 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Leadertech [2011-10-30 20:39:01 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\NapiProjekt [2011-10-14 17:06:59 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\pdfforge [2012-08-13 16:01:03 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\QuickScan [2011-12-22 03:06:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SuperHideIP [2012-03-20 21:35:14 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Ubisoft [2012-08-13 20:44:12 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent [2012-03-28 13:50:30 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\wargaming.net [2012-06-07 12:56:25 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\YourFileDownloader [2012-08-12 19:52:02 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >

OLT Extras:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2012-08-13 21:55:05 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Dom\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 1,99 Gb Available Physical Memory | 61,13% Memory free 6,50 Gb Paging File | 5,10 Gb Available in Paging File | 78,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78,12 Gb Total Space | 26,78 Gb Free Space | 34,28% Space Free | Partition Type: NTFS Drive D: | 193,36 Gb Total Space | 19,02 Gb Free Space | 9,84% Space Free | Partition Type: NTFS Drive E: | 194,18 Gb Total Space | 36,21 Gb Free Space | 18,65% Space Free | Partition Type: NTFS Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-269908403-4107780238-3698953934-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee 11.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files\NAPI-PROJEKT\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files\NAPI-PROJEKT\napisy.exe" "%1" -pobierz_ang () Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{068D18C9-51F6-43B8-AA68-7EFADA111247}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{08CC99DF-067C-4F3B-8FAC-9F642BCFB480}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{242E83B1-685F-4274-A87E-BE5AD38EDE02}" = lport=2869 | protocol=6 | dir=in | app=system | "{26F82EA6-9EC3-4493-AD94-E97FCDC17B1E}" = lport=445 | protocol=6 | dir=in | app=system | "{3974E21F-2848-4473-AB13-8CE232FB1993}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3DCCD422-E07C-4C74-A5A6-1E1F9D06FB48}" = rport=445 | protocol=6 | dir=out | app=system | "{41B290ED-BF24-4582-9CC1-625727DE7C75}" = lport=139 | protocol=6 | dir=in | app=system | "{4313E87D-CB18-482D-A05C-CD14C78C1CF2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4AFB104F-1737-4E3E-AC14-213445DABEF2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4BE86B98-4C2A-4868-B480-342DF098A274}" = rport=139 | protocol=6 | dir=out | app=system | "{570EB2BA-D75C-4023-B37E-2FD8F6866D96}" = lport=138 | protocol=17 | dir=in | app=system | "{58146907-BDD8-456A-8F7A-C0C1FC656B2F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{5D985ED2-B242-4366-B1F1-AD92FB0FE9E5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{60415CBF-6E8E-46BC-89C6-8EA757C857EA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{73F785BC-13B1-43AD-8646-5491573D7422}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | "{8BEC00D3-6E2C-4C54-8972-DD0A0F83A008}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{94B00E11-7DE3-43E7-93EC-03353BEE8A40}" = rport=137 | protocol=17 | dir=out | app=system | "{9FA29396-EBE1-4E7A-811A-94C6E7DA0318}" = rport=138 | protocol=17 | dir=out | app=system | "{A0163082-5CB3-4D5A-8CF0-F8CEC08CE16E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A5DA236E-8AE0-489A-BCC5-2F67B5320D56}" = lport=137 | protocol=17 | dir=in | app=system | "{A61A5E8E-4681-42F3-B29C-80F68AC0F22C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{A8F7CD9C-781F-4502-BD60-ED32D341A390}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B1079717-1181-4D45-8FCE-6251CEF594F5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{BAD08E89-053D-490C-8F02-DB46828975D7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BC6BC677-30DD-45D4-AC71-AD13B6CBE542}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C28F886A-5FDC-4703-A855-0EF74A516C58}" = rport=10243 | protocol=6 | dir=out | app=system | "{CB6EF896-08D5-4170-8C2B-BE67ECCE031B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{CD8E3F40-9307-4853-A8AA-7A654F439B5C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CEB25636-99FB-4FC3-9D2F-275833E13C69}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D709CE00-EBFF-44C3-B929-859A8CD98275}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{D8E8DDA5-DFDB-4E5D-89C7-DBB58DFEB5C6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E18C1BF1-2AAB-4034-8798-DBBCABE3FFC7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{ED544F29-C54D-46DB-B7AB-ED26FD170EC9}" = lport=10243 | protocol=6 | dir=in | app=system | "{F7420351-8CE9-400E-95AA-C2E165BB409E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{012BD173-9E21-4AD4-8DD3-B017216CBD6E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{060A50C2-5C24-4DF9-8413-D85B6B35FE9E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{0D3F532E-59B2-41E9-9F64-D6EA893CECA1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{0DCA5A24-6199-4FB5-A46F-6CC9743CB7D6}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{2324EF54-3FD7-43B1-A635-FA4C246E952B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{2F417479-DB6A-4EB2-8AFD-E44B59607BBD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{354CD222-35B9-40FF-A977-187CAAB262C6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{371A2374-99B8-41DA-A54D-2356554FA2B0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{39F78181-AD76-4A35-9619-C344C3F1BFA3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{3D180325-BEC3-4993-8059-CAE2216EC645}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3DEF9184-FA03-4D73-BF8C-59973195EB57}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3E81058C-191B-491B-BB7D-CA6979DC8E35}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{4675DF7E-8935-43C4-88F3-84C4462B48B0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{49BAC003-3A89-4127-98E3-51AA72D71B90}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4B45529E-1C06-44CC-BA0D-720AE5E4C11D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{4FE02493-5387-4A12-9E0D-30C1A0C32AF5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{509D1598-D1B0-4643-B4A9-8448AA3F812A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{6BFF0983-CC75-4F0A-A1F7-04B6602E6197}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{6C2DC9DC-D51F-4DE6-B3E8-118A7AB6EA0B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7BBE2828-E508-4DF9-8CE6-AE1F0ED39B75}" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | "{7DA3EB1C-378A-4864-8A33-53301D703786}" = protocol=58 | dir=in | app=system | "{7E4056F0-6FDF-4FF9-B1EF-0DB45E858083}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{868C7BD5-9C2B-400C-8F0A-FFAAFDAD1CC1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{87AA8585-0AFD-4249-B1E8-BAF032F39181}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8C44349B-D85F-4B14-A83B-96165092FFB7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{94E31ED3-902C-4224-A3EE-786DDC60A8AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{96B9BE75-9A3F-42AA-A8E8-AB9F36AE312E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{9B73E36D-31A9-4428-B8FB-561ACA9D0D59}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | "{9D614386-0355-40A4-8396-8E55575D083B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{9E829D53-192F-4DF8-B9E5-855ED3769378}" = protocol=6 | dir=out | app=system | "{A9DA9F63-254B-416F-8B0F-EC56769417A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B31FC961-9919-4F17-B346-0A6BD29A554F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe | "{B70E9BFC-BE1A-41A7-9E16-E0072D10108F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{B8A7CA40-A788-4E1B-BEEF-CA9A164C038E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{BEDECE45-09A8-46EB-B727-977730544433}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{C01132AE-8272-4CA3-887A-8BAA9C88E90D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | "{CBAB4C49-C367-4ED1-BDA4-E4611C8C9812}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{CE869764-89E4-469F-B8C8-A4A182730799}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{D3CC7B61-E207-4771-98AB-DACCA3D3D766}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{D418EB2C-1A72-4D89-84D6-1EB012383D0B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{D5EB1D71-A482-487F-83AD-1B3DDEFBD9DE}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe | "{D6CF3FBE-D6EC-4845-84A7-3517A8969C7A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{D8BD5A2B-F500-4D10-A7D8-B6777BF191D9}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{DC8C4839-AB9D-4EB9-AAD9-E10C2AAF5ACB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E0FA33D2-25DD-4147-97E6-30C13DD6DA63}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{E6CEDE34-A2E4-4519-A16F-6EA0950B9B30}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F6A4BB92-B236-49BD-A4E2-4660EABA969E}" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\relicdownloader\relicdownloader.exe | "TCP Query User{3EFBACAF-3F32-4CE0-9457-24A0B020217F}C:\program files\thq\company of heroes\reliccoh.exe" = protocol=6 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | "TCP Query User{62DF3F0D-A38E-4C27-9B1A-6BDB8C570ECF}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "TCP Query User{6B3E2C10-0A9D-4051-8378-E29F29A92839}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{7BB94E59-3709-40F4-8297-72DEC298ADA2}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{8178F20D-F765-4768-8DE1-492EE14F8D40}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "TCP Query User{9C0A74FD-3C6A-403C-9791-0252601B2DB7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "TCP Query User{C16D42EA-6BAD-4E70-9CB5-710DBAFCF1B9}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe | "TCP Query User{E857CD53-C12C-4EE4-AB54-7ABEB10A5268}E:\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=e:\call of duty - black ops\blackops.exe | "UDP Query User{26EEDCE0-B0E3-43A5-939D-9A721B31A5D9}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe | "UDP Query User{5FC3E725-DD9F-4205-8F8C-7BA314D79DEA}E:\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=e:\call of duty - black ops\blackops.exe | "UDP Query User{8122FF9E-803E-429D-92C7-FE8869419DA3}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{B91AF5B3-E4DE-4F14-B49E-3AD154EA988A}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{BA99FCE1-A773-4408-AE9E-DAB02168E486}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | "UDP Query User{D2FF681E-3FAD-40CE-BC30-5092B27F5502}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | "UDP Query User{E77F5548-DD6B-400C-AFA7-737C2C6E8491}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe | "UDP Query User{E8D01654-8A1B-4183-AC42-445D9341F7FE}C:\program files\thq\company of heroes\reliccoh.exe" = protocol=17 | dir=in | app=c:\program files\thq\company of heroes\reliccoh.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI "{176A02AC-6C89-A8B2-6D0A-F11DBA363C3F}" = ATI Catalyst Install Manager "{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5 "{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety "{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009 "{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4105BF5B-1DC2-4EEF-88AF-3C9EAF69827F}" = calibre "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI "{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6905AAF7-2EEA-4BC0-A429-9A6FB75D57BF}" = Windows Live Family Safety "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI "{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI "{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver "{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Polish "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 260.89 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 260.89 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.1.9.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities 10.53 Free Edition "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "ALLPlayer_is1" = ALLPlayer V4.X "avast" = avast! Free Antivirus "Call of Duty: Black Ops_is1" = Call of Duty: Black Ops "CCleaner" = CCleaner "Company of Heroes" = Company of Heroes "Fraps" = Fraps (remove only) "Gadu-Gadu" = Gadu-Gadu 7.7 "Heroes of Might and Magic II" = Heroes of Might and Magic II "LastFM_is1" = Last.fm 1.5.4.27091 "Logitech Vid" = Logitech Vid HD "lvdrivers_12.10" = Pakiet sterowników: Logitech Webcam Software "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl) "MozillaMaintenanceService" = Mozilla Maintenance Service "NapiProjekt_is1" = NapiProjekt 2.0.0 (build 1686) "Odkurzacz 12.6_is1" = Odkurzacz 12.6 "Pidgin" = Pidgin "SkanerOnline" = Skaner on-line mks_vir "Steam App 42680" = Call of Duty: Modern Warfare 3 "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server "Switch" = Switch Sound File Converter "Totalcmd" = Total Commander (Remove or Repair) "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.11 "Winamp" = Winamp "WinLiveSuite" = Podstawowe programy Windows Live "WinRAR archiver" = WinRAR 4.01 (32-bitowy) [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-269908403-4107780238-3698953934-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-08-13 15:22:39 | Computer Name = Dom-Komputer | Source = VSS | ID = 12289 Description = Error - 2012-08-13 15:22:39 | Computer Name = Dom-Komputer | Source = VSS | ID = 12297 Description = Error - 2012-08-13 15:22:47 | Computer Name = Dom-Komputer | Source = VSS | ID = 12289 Description = Error - 2012-08-13 15:22:47 | Computer Name = Dom-Komputer | Source = VSS | ID = 12297 Description = Error - 2012-08-13 15:22:57 | Computer Name = Dom-Komputer | Source = VSS | ID = 12289 Description = Error - 2012-08-13 15:22:57 | Computer Name = Dom-Komputer | Source = VSS | ID = 12297 Description = Error - 2012-08-13 15:23:08 | Computer Name = Dom-Komputer | Source = VSS | ID = 12289 Description = Error - 2012-08-13 15:23:08 | Computer Name = Dom-Komputer | Source = VSS | ID = 12297 Description = Error - 2012-08-13 15:23:15 | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: msiexec.exe, wersja: 5.0.7601.17514, sygnatura czasowa: 0x4ce792c4 Nazwa modułu powodującego błąd: msxml3.dll, wersja: 8.110.7601.17857, sygnatura czasowa: 0x4fcee2f0 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000062bd Identyfikator procesu powodującego błąd: 0xc88 Godzina uruchomienia aplikacji powodującej błąd: 0x01cd7988c494643c Ścieżka aplikacji powodującej błąd: C:\Windows\system32\msiexec.exe Ścieżka modułu powodującego błąd: C:\Windows\System32\msxml3.dll Identyfikator raportu: 5430ac7f-e57c-11e1-88e3-6c626dd8a5a2 Error - 2012-08-13 15:23:16 | Computer Name = Dom-Komputer | Source = MsiInstaller | ID = 11719 Description = [ System Events ] Error - 2012-08-13 15:30:42 | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-08-13 15:35:35 | Computer Name = Dom-Komputer | Source = PNRPSvc | ID = 102 Description = Error - 2012-08-13 15:35:35 | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-08-13 15:35:35 | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-08-13 15:35:45 | Computer Name = Dom-Komputer | Source = PNRPSvc | ID = 102 Description = Error - 2012-08-13 15:35:46 | Computer Name = Dom-Komputer | Source = PNRPSvc | ID = 102 Description = Error - 2012-08-13 15:35:45 | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-08-13 15:35:45 | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error - 2012-08-13 15:35:46 | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023 Description = Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error - 2012-08-13 15:35:46 | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 < End of report >

Problem z wyłączającym się internetem

Problem z wyłączającym się internetem

Kto jest na forum