OTL:
- Kod: Zaznacz wszystko
OTL logfile created on: 2012-08-25 17:40:46 - Run 2
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Mateusz\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
4,00 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 61,57% Memory free
8,00 Gb Paging File | 6,15 Gb Available in Paging File | 76,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 3,30 Gb Free Space | 2,95% Space Free | Partition Type: NTFS
Drive E: | 37,27 Gb Total Space | 8,42 Gb Free Space | 22,58% Space Free | Partition Type: NTFS
Computer Name: DOMINATOR | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-08-25 16:50:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Downloads\OTL.exe
PRC - [2012-08-06 08:45:03 | 001,890,744 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012-07-14 02:13:42 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012-04-03 15:24:32 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
PRC - [2011-12-31 14:07:08 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-08-25 16:04:10 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-08-22 09:48:44 | 003,346,032 | ---- | M] (Babylon Ltd.) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
PRC - [2011-04-21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011-04-21 07:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011-02-17 05:38:18 | 000,920,064 | ---- | M] () -- C:\Program Files (x86)\WGA Remover\wgaremover.exe
PRC - [2010-10-20 12:22:24 | 000,630,272 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-04-12 10:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2010-02-18 12:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009-11-11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009-10-27 11:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-02-05 14:43:26 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
PRC - [2007-04-25 13:36:36 | 000,280,064 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Portrait Displays\HP My Display\dthtml.exe
PRC - [2007-04-25 13:34:44 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007-02-09 13:17:30 | 000,694,008 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
PRC - [2007-02-09 13:17:26 | 000,694,008 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-07-14 02:14:07 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012-02-29 16:33:22 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012-02-15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe
MOD - [2011-02-17 05:38:18 | 000,920,064 | ---- | M] () -- C:\Program Files (x86)\WGA Remover\wgaremover.exe
MOD - [2010-03-29 14:02:48 | 000,520,234 | ---- | M] () -- C:\ProgramData\Babylon\sqlite3.dll
MOD - [2008-08-12 10:16:16 | 002,023,424 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2008-07-29 13:47:56 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2008-07-29 13:47:38 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2008-07-29 13:11:18 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2008-07-29 13:01:12 | 007,331,840 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
MOD - [2008-07-29 12:50:26 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2007-04-25 13:34:46 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2007-04-25 13:33:54 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2007-04-24 11:49:34 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\drivers\di2c.dll
MOD - [2007-02-09 13:17:30 | 000,694,008 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
MOD - [2007-02-09 13:17:26 | 000,694,008 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
MOD - [2007-02-09 13:16:08 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Portrait Displays\Pivot Software\winphook.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011-11-10 05:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2011-11-09 23:08:52 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-07-14 02:13:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011-12-31 14:07:08 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-08-25 16:04:10 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-04-21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011-03-02 11:25:27 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-10-20 12:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-03-04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010-01-12 16:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009-02-05 14:43:26 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2007-04-25 13:34:44 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2011-11-10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2011-11-10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2011-11-10 04:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2011-08-25 16:04:10 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2011-08-25 16:04:10 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2011-07-29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:[b]64bit:[/b] - [2011-07-29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:[b]64bit:[/b] - [2011-06-24 07:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2010-12-02 10:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:[b]64bit:[/b] - [2010-04-12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2010-02-26 14:21:20 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:[b]64bit:[/b] - [2010-02-18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2009-11-12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:[b]64bit:[/b] - [2009-09-23 10:42:58 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:09:15 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-12-25 11:30:52 | 000,190,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:[b]64bit:[/b] - [2008-08-28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2007-07-18 11:34:16 | 000,189,664 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0260Vid.sys -- (V0260VID)
DRV:[b]64bit:[/b] - [2007-04-20 08:22:34 | 000,073,440 | ---- | M] (FotoNation Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CoachUsb.sys -- (CoachUsb)
DRV:[b]64bit:[/b] - [2007-04-20 08:22:34 | 000,066,336 | ---- | M] (FotoNation Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CoachVid.sys -- (CoachVid)
DRV:[b]64bit:[/b] - [2006-11-16 18:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pdiports.sys -- (PdiPorts)
DRV:[b]64bit:[/b] - [2006-08-29 16:56:19 | 000,032,377 | ---- | M] (B-phreaks) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\prodigy.sys -- (PRODIGY)
DRV - [2012-08-25 17:13:46 | 000,023,080 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011-07-29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011-07-29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010-01-29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009-11-12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=4fb9c790-8bed-11e1-aa96-00241ddd900f
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{848F1555-0090-4524-ACB1-F6850E321048}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=4fb9c790-8bed-11e1-aa96-00241ddd900f
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=4fb9c790-8bed-11e1-aa96-00241ddd900f&q={searchTerms}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=iron&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=en_US
IE - HKCU\..\SearchScopes\{848F1555-0090-4524-ACB1-F6850E321048}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{B15F5A73-F27E-4343-9EF3-929C8E06F4F2}: "URL" = http://start.funmoods.com/results.php?f=4&a=vsl&q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\..\SearchScopes\{FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD}: "URL" = http://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=en&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Mateusz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011-08-21 18:35:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011-08-21 18:35:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-04-03 15:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-08-25 17:06:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-11-19 18:52:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2012-08-24 21:18:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-08-25 16:24:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1gwc3g7p.default\extensions
[2012-08-24 21:18:12 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1gwc3g7p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012-06-27 14:33:18 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\1gwc3g7p.default\extensions\plugin@yontoo.com
[2012-08-25 17:06:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012-07-14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010-02-15 17:35:06 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll
[2012-07-14 03:22:43 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011-06-30 12:17:59 | 000,005,142 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\arccosine.xml
[2012-07-14 03:22:43 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-03-19 14:33:13 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012-07-14 03:22:43 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-07-14 03:22:43 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-08-24 21:18:10 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2012-07-14 03:22:43 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-07-14 03:22:43 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - homepage: http://www.searchnu.com/406
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.searchnu.com/406
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.6_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.0_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.0_0\funmoods\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggcgfnjklfejfanaekicpiiablpbdfba\3_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingclbkakpbccicdfidmlgmplkiipoll\1.1_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\kphehmgholanghcpmibmddekgklalcpm\1.1_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
CHR - Extension: No name found = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012-08-25 16:25:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~2\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Sopcast Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [DT HPW] C:\Program Files (x86)\Portrait Displays\HP My Display\DTHtml.exe (Portrait Displays, Inc)
O4 - HKLM..\Run: [PivotSoftware] C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WGA Remover] C:\Program Files (x86)\WGA Remover\wgaremover.exe ()
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:[b]64bit:[/b] - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8:[b]64bit:[/b] - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Mateusz\Desktop\PartyPoker.lnk ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Mateusz\Desktop\PartyPoker.lnk ()
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futuremark.com/openapi/receivers/FMSI.cab (Futuremark SystemInfo)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B070AA7D-7E70-4FC3-B034-869D717E9DF0}: DhcpNameServer = 192.168.1.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF06718D-CAC3-4384-B64C-8848045460B8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D02B2CD1-C0D3-4636-B9A3-DB9D201C607B}: DhcpNameServer = 192.168.1.100
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\vsharechrome - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\vsharechrome - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-08-25 17:11:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-08-25 17:06:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-08-25 17:05:41 | 017,552,168 | ---- | C] (Mozilla) -- C:\Users\Mateusz\Desktop\Firefox Setup 14.0.1.exe
[2012-08-25 16:26:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012-08-24 21:24:29 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\vlc
[2012-08-24 21:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012-08-24 21:24:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012-08-24 21:19:00 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\Ilivid Player
[2012-08-24 21:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Searchqu Toolbar
[2012-08-24 21:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-08-10 20:25:19 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\.minecraft
[2012-07-31 16:00:48 | 006,955,968 | ---- | C] (Microsoft Corporation) -- C:\Users\Mateusz\Desktop\Silverlight.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-08-25 17:31:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-08-25 17:21:14 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-25 17:21:14 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-25 17:18:05 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2247349209-3091610151-10017335-1000UA.job
[2012-08-25 17:13:58 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-25 17:13:46 | 000,023,080 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012-08-25 17:13:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-25 17:06:11 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-08-25 17:05:52 | 017,552,168 | ---- | M] (Mozilla) -- C:\Users\Mateusz\Desktop\Firefox Setup 14.0.1.exe
[2012-08-25 16:25:07 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-08-24 23:03:57 | 000,060,988 | ---- | M] () -- C:\Users\Mateusz\Desktop\Przechwytywanie.JPG
[2012-08-24 22:18:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2247349209-3091610151-10017335-1000Core.job
[2012-08-24 21:24:16 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012-08-23 16:09:29 | 000,021,839 | ---- | M] () -- C:\Users\Mateusz\Documents\act.odt
[2012-08-19 00:54:30 | 000,077,740 | ---- | M] () -- C:\Users\Mateusz\Desktop\skanowanie0004r.jpg
[2012-08-18 20:59:55 | 000,081,938 | ---- | M] () -- C:\Windows\SysWow64\minecraft.jar
[2012-08-18 20:59:55 | 000,076,419 | ---- | M] () -- C:\Windows\SysWow64\minecraft_modified.jar
[2012-08-02 17:19:44 | 001,662,744 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-08-02 17:19:44 | 000,737,780 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-08-02 17:19:44 | 000,651,988 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-08-02 17:19:44 | 000,154,468 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-08-02 17:19:44 | 000,120,920 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-07-31 16:00:49 | 006,955,968 | ---- | M] (Microsoft Corporation) -- C:\Users\Mateusz\Desktop\Silverlight.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-08-25 17:06:11 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-08-25 17:06:11 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-08-24 23:03:57 | 000,060,988 | ---- | C] () -- C:\Users\Mateusz\Desktop\Przechwytywanie.JPG
[2012-08-24 21:24:16 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012-08-23 16:09:28 | 000,021,839 | ---- | C] () -- C:\Users\Mateusz\Documents\act.odt
[2012-08-19 00:54:30 | 000,077,740 | ---- | C] () -- C:\Users\Mateusz\Desktop\skanowanie0004r.jpg
[2012-08-18 20:59:55 | 000,081,938 | ---- | C] () -- C:\Windows\SysWow64\minecraft.jar
[2012-08-18 20:59:55 | 000,076,419 | ---- | C] () -- C:\Windows\SysWow64\minecraft_modified.jar
[2012-06-27 14:01:20 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2012-05-16 18:08:52 | 000,006,144 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-11-10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011-11-10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011-11-09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011-11-09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011-10-30 17:32:11 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011-10-30 17:29:48 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011-09-07 16:15:38 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\{6596491B-C5A4-45BF-82F5-9CAE4395FEFA}
[2011-08-25 15:35:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011-08-25 15:35:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011-08-25 15:35:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011-08-25 15:35:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011-08-25 15:35:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011-08-25 15:28:29 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\{E9FC6566-C268-447E-A116-CE22880844E7}
[2011-08-25 15:21:34 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\{F909B699-A991-4E74-BFB6-43C25955719C}
[2011-08-25 15:16:57 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\{3EBE915F-06EB-4305-8BC1-268BF35C9230}
[2011-08-21 20:19:07 | 002,469,248 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2011-08-21 20:19:07 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2011-08-21 20:19:07 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2011-08-21 20:19:07 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2011-08-21 20:19:07 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-03-28 16:15:43 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010-12-25 20:48:43 | 000,000,370 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010-12-18 20:15:32 | 001,623,322 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-09-25 13:28:05 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010-04-17 14:35:46 | 000,007,605 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\Resmon.ResmonCfg
[2010-01-06 23:07:51 | 000,000,640 | RHS- | C] () -- C:\Users\Mateusz\ntuser.pol
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
< End of report >
OTL extras
- Kod: Zaznacz wszystko
OTL Extras logfile created on: 2012-08-25 16:51:02 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Mateusz\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,34% Memory free
8,00 Gb Paging File | 6,18 Gb Available in Paging File | 77,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 3,30 Gb Free Space | 2,95% Space Free | Partition Type: NTFS
Drive E: | 37,27 Gb Total Space | 8,42 Gb Free Space | 22,58% Space Free | Partition Type: NTFS
Computer Name: DOMINATOR | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[color=#E56717]========== Firewall Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0901050D-B11E-4D05-9CCB-D3A9EB28B1C3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{09124FCF-DFE0-4198-89F0-9159BA8BFBC2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{0921F767-7664-45B8-9756-642A873E44C7}" = rport=137 | protocol=17 | dir=out | app=system |
"{09303B6D-496E-4C9F-B84D-D505D462F2F1}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{0BDA0D57-FFBE-4D09-AB77-9A387AE1CDBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C146A2A-05F9-4AB1-BB2C-1FF83624B44E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{109F785C-A1B4-4563-A950-AAA1BB4BB07A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{114F6C12-9944-41C5-9762-4E5D764A9E02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{13CDA053-CE40-4F4A-B065-0B9E41AE5C9C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1907FF91-1E13-494C-BC1A-13CADE876724}" = lport=2869 | protocol=6 | dir=in | app=system |
"{22751D27-6101-4030-8D4F-78182E1524C5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{23517525-DDF0-495D-AD8F-1BC44100B241}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2E1DC516-94E0-435D-880C-2BDEBC76ED4E}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{34616A98-E56F-4320-A267-CE1001C4A580}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{39BA9BC4-4369-4270-96F7-F288D0E63C0E}" = lport=10244 | protocol=6 | dir=in | app=system |
"{3E610370-D709-44F7-8F34-6A30E2CC6235}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{429EF4AC-B6DA-4E7D-A0D8-109D865D032D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{435435DB-2C10-45F1-AADA-E9A040F4A286}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46EC0493-D4EE-4887-AA29-B018FC523330}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{472F4940-30CD-463B-8FA1-CF4234C8FFF8}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{477E679C-025F-4F86-A385-B8787BD87DAF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5677A9B2-7C80-4660-A127-E7DD39994350}" = rport=10243 | protocol=6 | dir=out | app=system |
"{582CF591-6A68-4D49-8DAF-CB937EC0A03F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5AA14908-B717-4626-9681-147BAA825D41}" = lport=138 | protocol=17 | dir=in | app=system |
"{5B907E68-A39B-4AB9-937F-97B343225ECC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D339D5A-7CAA-494C-A989-044446009A26}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F5A1BA7-0A7F-4306-BAB7-EA9633C7463E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{610BCD2C-4B9D-4F6A-BBE8-48FACC1C57D0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{675E1CE3-5D64-4235-B82A-C26F58119713}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68A277C7-A962-44DD-8221-F2A0ED1CE378}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73223A11-BBFC-4111-920D-FD84E712F966}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{74291CE3-5782-469D-AB47-5F4866419EC7}" = lport=10244 | protocol=6 | dir=in | app=system |
"{7B938C8B-D6D0-46BA-8B9E-A03AA8F8D682}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CF4D48A-6DA2-47C4-BB59-216604606816}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{86BF4C48-96D2-41E8-93A3-3B504900E39F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{882951E9-C8DC-40FC-8624-D1D2AFE991AB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8DEDFD8F-A4AB-45B9-8C8E-7D73C47A8F24}" = lport=445 | protocol=6 | dir=in | app=system |
"{8EDCB3E8-6E7D-4AAC-91D5-4D1435BB0487}" = lport=2869 | protocol=6 | dir=in | app=system |
"{97CF7B3C-B2C6-49D9-82B6-8F269727330C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9BEAD34E-6D6D-4B8F-9353-FB4FEB45319B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1437AF6-5675-42E1-9E4F-F48A79573C2A}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A82D49D1-A488-46DA-B525-86E4A875A9D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{B5978688-B48D-4A96-8CE3-BA069E0B7709}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B638686C-5F52-47DB-B2C7-41AE5A6E3EC6}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B7B59E95-8960-4266-B0AD-459DF28F4A7F}" = rport=138 | protocol=17 | dir=out | app=system |
"{B9481E93-5C21-4E87-99D0-BEC3A4BAC8E6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BABBB5F1-7806-49E2-947A-D93DF485C551}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBECA5F8-E896-4BB7-A084-57F6F8D397DB}" = rport=445 | protocol=6 | dir=out | app=system |
"{C13437BB-D9E6-424F-BDDC-B591B61876D3}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{CDB77C35-44D8-437D-99A4-7BE2E3185D83}" = rport=139 | protocol=6 | dir=out | app=system |
"{CE2B4215-FE95-484B-8540-F9D1B5A999AB}" = lport=3390 | protocol=6 | dir=in | app=system |
"{D0579F9C-C632-475D-97BC-A64A8A302F5E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D79518EC-EB7F-48A1-994A-43215F9444E3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DEB42F32-D7C9-48DE-928A-A2DCB4EFD196}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{DFE5F631-95DD-4682-B232-D304DD2CF32E}" = lport=137 | protocol=17 | dir=in | app=system |
"{E000DD64-20B4-4837-B415-3660433EFC6C}" = lport=3390 | protocol=6 | dir=in | app=system |
"{F26B6096-67E3-4A85-A29D-25E802406FEA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02D72A3D-C51E-4339-8D5D-5F21813376E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0303D4AA-5C46-4B81-B5D4-2D33722F7EE9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{030B486A-8545-4394-AC8C-230DFE4BAC8E}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{05127039-21F9-4331-8908-6548E42AC69C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0772FB22-150D-4C5C-BC50-45D9BAD02C94}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{07E3093F-6DCB-492B-90B0-B2E72522D8BC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0D268E1F-9473-41E5-A3E2-9C8FAFD44491}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{0D3AD6B4-AD9C-44CD-A127-74A9B4F9C286}" = protocol=17 | dir=in | app=d:\civ\beyond the sword\civ4beyondsword.exe |
"{0DBAAE37-6887-492A-9A17-626ACC7E68A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0ED59E60-78BD-489A-A54B-4D30DAEC7522}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{11AB6FAB-0C2E-410D-9DA2-77DCEA8F8116}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{12728AE6-1E28-4EFE-97F4-6EF661637AA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1298869B-67DA-4A13-802D-E0089891B99B}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{14ABE6DF-C7A8-41AF-9A99-688BB03EBF90}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{1610CF01-145C-4D9B-B8A3-3018AB551EA3}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{162439FA-125C-4676-B5BB-4E744740FAB6}" = protocol=6 | dir=in | app=d:\gry\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{197F5572-1D7B-42C1-B203-236E3D702D43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B242DE9-B4BF-43D0-B55F-2218843FFFF5}" = protocol=6 | dir=in | app=d:\gry\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{1BD12FA3-63CD-4D2C-8B6F-61D74A204C4F}" = protocol=17 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{1D8ABE1B-886A-4D2C-9B1E-95451F115C9D}" = protocol=17 | dir=in | app=e:\gry\acr\acrsp.exe |
"{21DF21B2-BE0C-4C50-B3B4-AF44409C38C6}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2383FCC4-6E0E-4ABF-B964-9BF220718C0F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{23A7E1C9-60FF-4A9C-802D-7CCE6C85BDD9}" = protocol=6 | dir=out | app=system |
"{26CEC4E2-B1D7-4719-BEAE-CA1FFC49F0E0}" = protocol=6 | dir=in | app=d:\gry\fm11\fm.exe |
"{2912D2FC-C2EA-4D8C-A654-CC21FD1B0B5A}" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe |
"{2C9C332B-645A-4FD5-98C8-C7247405DB56}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{2CB0C6FF-3E23-4277-A506-B5A11FF1D6B6}" = protocol=6 | dir=in | app=e:\gry\acr\acrsp.exe |
"{3057A648-EE09-4FEA-8B70-76EF423467FF}" = protocol=6 | dir=in | app=d:\gry\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{3242C797-0C36-445E-A5CC-40F99D5FE12E}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{32614DB6-EDCE-47E7-9B5C-2F200F49C0AE}" = protocol=17 | dir=in | app=d:\gry\ubisoft\assassin's creed 2\assassinscreedii.exe |
"{32A103CA-38BF-4289-861F-0F0E808A9FFF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3406138D-A744-4CBA-AA12-0E75CCF8E2B1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3576AD24-4FCE-4B51-B233-33F5E029BF09}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{39AE5651-5DA9-4D2C-8C4F-4287C5F7E31D}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{3AC7D375-05C2-4BE1-B80A-34F2E5595F0D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3F053F1A-8147-4DD0-9AE9-B943C02CABF5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{41043F3E-EC4A-47BA-9AEF-A2CB5029D460}" = protocol=17 | dir=in | app=d:\civ\civilization4.exe |
"{42DE005F-D67D-43D3-B224-AF83631CDDAF}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{43F04E41-42EF-4834-B889-D1A7F51BEE3A}" = protocol=17 | dir=in | app=d:\gry\fm11\fm.exe |
"{47166624-0D0C-4125-BEC7-41783FB9FA30}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{47699880-08EB-4E7D-881A-1C90619B30F5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{47E4A7A2-BB54-4B21-95A7-792BDECB2D4D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{48991FD1-CA99-47C6-AFC8-787598C2857C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4DDF1711-5DE9-46BE-AEEA-31246FE5458E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E0EFDCD-813C-40BF-826F-52A0EDFB73CB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{50D5C66D-DEC7-4AC6-B8DB-2077BF1CF627}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{517D343E-852E-4DE1-ABB7-0C7F23CDC05D}" = protocol=17 | dir=in | app=d:\civ\warlords\civ4warlords.exe |
"{51F17D8D-57A4-4E82-820B-5AA825EA7A10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5521BFBE-1AAF-4A28-B644-3FB3055589B1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{56678102-41EF-473F-A5B5-7A8E990260D4}" = protocol=17 | dir=in | app=e:\gry\acr\assassinscreedrevelations.exe |
"{56FD5FD3-8373-4F01-ADC3-7096008614DF}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{594A72B9-FB4D-48D8-8F52-1C7631CAF656}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5A8F8E4C-1562-4024-AB21-5F13180CAB48}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5ACEBD06-3839-462B-AA1C-CBBBC5130447}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{5B8DEF7B-962D-4E92-8370-4B0CF430CAFE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5F23C211-9073-4C1A-8DBE-29A5EB833FFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{609CF1A6-3FC6-453B-A540-545FA46EE2B9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{644AD679-F148-4B31-AED5-FC7C97C32F1F}" = protocol=6 | dir=in | app=d:\gry\nfs\launcher.exe |
"{67EB34C0-EDA4-443E-87D7-F8DEF5FCEF2E}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{691FC9E9-5B90-48FD-9D2E-9033946C92BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{69D0B9C1-990D-4C6A-B17A-70F8D358A80D}" = protocol=6 | dir=in | app=d:\gry\ubisoft\assassin's creed 2\uplaybrowser.exe |
"{6B61C2C1-0B98-473C-B313-757E1C0980A5}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet ink adv 2060 k110\bin\usbsetup.exe |
"{6FFA9A5B-634D-4511-BA36-D2F71D6D1CCF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7006D5AD-3D3D-4DB4-9806-C6AFDFEEBC0D}" = protocol=17 | dir=in | app=d:\gry\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{76890A8B-0C4C-47D1-9AE0-AE46C7F87F27}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{76F6B397-CF06-43D9-966C-13515B4ACB2F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"{78186F1A-13C7-4108-80A5-5EE6EA11EB54}" = protocol=17 | dir=in | app=d:\gry\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{7839C448-DAAC-4956-A96C-AD52A48B3F35}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{79546E39-C80C-439D-8292-81B690B85D57}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{7CB21EDB-5015-4D24-B11E-88AEC7ED2ECF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7DBD62E2-0C4C-48B8-8953-63FF82A855C8}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{7FC90D84-CCCA-4F69-A4F6-BBD76722DB81}" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\playmaxpayne3.exe |
"{7FE74F21-BBB0-4DB5-9673-DDF81F6600F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8176907F-0C68-4BE8-A28D-998D6A3B0E8E}" = protocol=6 | dir=in | app=d:\gry\bbc2\bfbc2updater.exe |
"{85536E8F-4A0A-4E9B-8D0B-EEAC0EA3CE67}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8786557B-16A6-4BD9-8BAE-99721FAE75F3}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8847E0B1-93A9-405A-B00F-7B881C50FD41}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{8A567BE4-C701-402C-9A72-F6F0DA8E4E52}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{8E58B298-EC00-4576-B069-0F5E787CFEE9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{918949BA-EBF8-435A-A40A-00AB9BE84C18}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"{9429B101-6D5A-4B8E-A7D6-CA8CCF6CB6EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{94C8A6F4-1BC1-42B4-83AE-D28A33980DAE}" = protocol=17 | dir=in | app=d:\gry\ubisoft\assassin's creed 2\uplaybrowser.exe |
"{957520D6-2E35-462B-B13A-C5225217997D}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{96B9BBFE-B512-493F-B086-F746A65683EC}" = protocol=17 | dir=in | app=d:\gry\bbc2\bfbc2updater.exe |
"{993B6B01-FDA1-4819-AC8A-5058BED1D667}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9DE489CC-1061-4001-95D9-699365309B62}" = protocol=6 | dir=in | app=d:\programy\steam\steam.exe |
"{9E2035E6-71FD-45FA-8565-FD15736E9DB4}" = protocol=6 | dir=in | app=c:\program files (x86)\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{9FC786F6-0F7A-4125-BFD2-226E33C69B43}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0BE3144-D8FA-4F7D-BC89-F4454E9BEF1B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A59ADE8F-2885-4D2D-8FF0-6F2C7923F234}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A6479DC5-9AE8-4F70-BB29-FB04D4836991}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8FFD71D-88B0-4694-B8FA-236149C1A3A7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AF10E10B-1BEC-4C21-BB9F-C307C7DB2131}" = protocol=6 | dir=in | app=e:\gry\acr\assassinscreedrevelations.exe |
"{B146CE84-C9BE-4FCA-8FC6-CDDD15D56CF3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B1D46951-0472-44DB-AE1B-5A0555FAA835}" = protocol=17 | dir=in | app=c:\program files (x86)\opera next\opera.exe |
"{B305A243-E477-4E64-ABD2-9663E9657DDE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B3B1BE60-EAD5-4B0D-8ADC-DC9C13788222}" = protocol=6 | dir=in | app=d:\gry\ubisoft\assassin's creed 2\assassinscreediigame.exe |
"{B498D4C6-59D7-4347-9B82-ACFC7003E993}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet ink adv 2060 k110\bin\usbsetup.exe |
"{B7342837-3D9A-4EB2-8584-C370A05FE465}" = protocol=6 | dir=in | app=e:\gry\acr\acrmp.exe |
"{BA1D54DA-01AC-4609-B1B5-AB4C89A35482}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BA6696BA-B324-4929-99C0-2DBD7D9E184A}" = protocol=17 | dir=in | app=d:\gry\ubisoft\assassin's creed 2\assassinscreediigame.exe |
"{BD7C4844-5A8F-488B-A036-61DD5D81FAA3}" = protocol=17 | dir=in | app=d:\programy\steam\steam.exe |
"{BFF28E71-591E-4C45-ACDC-A53388A6719D}" = protocol=17 | dir=in | app=d:\gry\nfs\launcher.exe |
"{BFF2CA3B-7648-4DB8-99AE-8E835C7488E0}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C0653146-B8B2-4C54-9CCB-B7338A48BADD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C4B43742-1613-42A7-B013-5EB75035AD5E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C98BB227-7DAE-4551-A330-163272ED7F26}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CDC1B73C-ABBA-446A-AE0E-BBDB064A7DDC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D0CEF564-1B03-477A-91A7-C93D5905C04F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D3429848-5CCD-416E-BBA7-9E1430B646AD}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{D50B0102-5A49-4C99-A2C6-21C657D18B1F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{D5325241-2391-4711-9B35-4DE22684FE67}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D661C820-39D6-492D-960D-621E0630C9BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8C03CD5-5670-4DCD-8B7B-542880D6C546}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{D971D5AD-AE12-4E2A-9366-D04F368D01C9}" = protocol=6 | dir=in | app=d:\civ\civilization4.exe |
"{DCE73102-2B74-4DC9-926E-BD2802CDC80C}" = protocol=17 | dir=in | app=d:\gry\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{E13185A6-FE03-451C-ACD1-229F7D3908D6}" = protocol=6 | dir=in | app=d:\civ\warlords\civ4warlords.exe |
"{E55CE6CB-3298-4DBE-B676-5A74F338DBC3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EC8D9A70-E164-4747-BBBC-9E5F65F629C5}" = protocol=6 | dir=in | app=d:\civ\beyond the sword\civ4beyondsword.exe |
"{ED3F6931-D0AB-4E68-9FF5-ED8E9174B969}" = protocol=6 | dir=in | app=d:\gry\ubisoft\assassin's creed 2\assassinscreedii.exe |
"{EFC51DE2-0433-405E-B96E-8CEDB82AFE0D}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe |
"{F1C4E535-5F06-4206-8D7D-64525FF70AD9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F587037D-A1B1-4405-A7FD-F747D1E28E7E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F5CE014F-41D2-44C5-88C1-A229B4C21C1D}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{F5CF2E67-CF02-459E-810A-4C76244EA236}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F694AF3D-A7EB-4A83-9699-5B5B633B94DF}" = protocol=17 | dir=in | app=e:\gry\acr\acrmp.exe |
"{FDC74819-599D-4DFB-8922-623C06B2FC0E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{071C1FED-3AD7-4AA0-BA08-7D4638A38DBC}D:\fear 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=d:\fear 3\f.e.a.r. 3.exe |
"TCP Query User{113D02EF-00ED-4353-8DF6-7371B8396E4D}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{14988E9F-C20E-4BFC-9582-D331AC03D480}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{1FEF1EE6-9ACE-4E9D-BCC7-DBD14504F5AF}D:\gry\cs\counter-strike 1.6\hlds.exe" = protocol=6 | dir=in | app=d:\gry\cs\counter-strike 1.6\hlds.exe |
"TCP Query User{22617693-A9E0-4A6B-A550-4233D6227F3E}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{2E558B4A-CD0B-40D4-8BE5-5133844E4933}C:\program files (x86)\axesstel\axessmanager\axessmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\axesstel\axessmanager\axessmanager.exe |
"TCP Query User{332283AD-8DA5-4DDC-BB91-8B31B7512A4C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{37BA57C2-C9B0-4430-A47D-FA1C425D75BC}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{3DC886F9-5BDC-4F3D-B974-A350C2E34E27}C:\program files (x86)\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"TCP Query User{461E1076-4CB1-4BCC-95F0-EDC447996619}D:\gry\fifa demo\game\fifa.exe" = protocol=6 | dir=in | app=d:\gry\fifa demo\game\fifa.exe |
"TCP Query User{5402A199-FE6F-47D0-9423-803D43E84B62}D:\gry\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=d:\gry\shift 2 unleashed\shift2u.exe |
"TCP Query User{663911C2-D12A-485C-9A4C-3C65BE49F758}D:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{6D888ADA-299C-4E25-ADB0-C6FB69F762BD}D:\gry\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=d:\gry\fifa 11\game\fifa.exe |
"TCP Query User{6E4F0FFD-BD13-4B8C-A366-47CBD784B4F4}D:\gry\cs\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\gry\cs\counter-strike 1.6\hl.exe |
"TCP Query User{6E63543A-90A2-4487-8D44-FCC971642FD6}D:\gry\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=d:\gry\fifa 11\game\fifa.exe |
"TCP Query User{72BEF7FC-E947-484D-BD18-9EE332312D29}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"TCP Query User{75C040FB-AAA9-4898-8AEF-93988554E691}D:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\gry\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{8025E783-12DA-4B58-98C5-14375C3BC77C}D:\gry\call of duty - black ops\blackops.exe" = protocol=6 | dir=in | app=d:\gry\call of duty - black ops\blackops.exe |
"TCP Query User{89906FF9-CF92-4E95-A028-4BBC97119E1D}D:\gry\cs\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\gry\cs\counter-strike 1.6\hl.exe |
"TCP Query User{9C374CB6-7713-4E03-8DA8-ACD341BB1B9F}D:\download\counter-strike 1.6\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\download\counter-strike 1.6\counter-strike 1.6\hl.exe |
"TCP Query User{9DE6D45B-1344-47AA-BE30-9E7A9872EAB4}C:\program files (x86)\axesstel\axessmanager\axessmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\axesstel\axessmanager\axessmanager.exe |
"TCP Query User{9F878FEB-5E7F-4B80-866A-B6802A89BE00}D:\gry\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=d:\gry\medal of honor\binaries\moh.exe |
"TCP Query User{B3C43AED-DC54-461A-845E-2F7F83CA8DE6}D:\fovnfsu2hfsm\fovnfsu2hfsm\speed2.exe" = protocol=6 | dir=in | app=d:\fovnfsu2hfsm\fovnfsu2hfsm\speed2.exe |
"TCP Query User{BB731B8B-4723-4CAD-83E8-AB7DA0AE30E9}D:\gry\call of duty - black ops\blackopsmp.exe" = protocol=6 | dir=in | app=d:\gry\call of duty - black ops\blackopsmp.exe |
"TCP Query User{CAB94D79-EB0B-44BB-B1F2-DAC884FCC4C5}D:\fear 3\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=d:\fear 3\f.e.a.r. 3.exe |
"TCP Query User{CD6B1821-942F-4256-8039-896424F843EF}D:\gry\fifa 10\fifa 10\fifa10.exe" = protocol=6 | dir=in | app=d:\gry\fifa 10\fifa 10\fifa10.exe |
"TCP Query User{E30B0044-6C5C-4A6B-81C2-D7941FE5B714}C:\program files (x86)\gadu-gadu\gg.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gadu-gadu\gg.exe |
"TCP Query User{E8566775-F523-46D7-9801-6CD2F0F82733}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"TCP Query User{F24F1F17-22CD-4DCD-973F-636D8AABFFFD}D:\gry\nfs\nfs11.exe" = protocol=6 | dir=in | app=d:\gry\nfs\nfs11.exe |
"TCP Query User{FA5FA2E6-564D-4960-9730-64AEBD4F975A}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{FAF7D528-F47B-484B-BDD9-1413F902033B}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{FDFB656E-4F51-43A3-9762-CBCAD0EF58E0}D:\gry\cs\counter-strike 1.6\hltv.exe" = protocol=6 | dir=in | app=d:\gry\cs\counter-strike 1.6\hltv.exe |
"UDP Query User{02CBB48E-5F73-4523-AC38-BCC149F06D62}D:\gry\call of duty - black ops\blackops.exe" = protocol=17 | dir=in | app=d:\gry\call of duty - black ops\blackops.exe |
"UDP Query User{062E60A2-503C-4C01-9B61-BD2CD626507F}D:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{10AE6B12-6937-4130-A4E6-E115CE9B6208}D:\gry\cs\counter-strike 1.6\hlds.exe" = protocol=17 | dir=in | app=d:\gry\cs\counter-strike 1.6\hlds.exe |
"UDP Query User{28E4EA01-5451-46C3-960C-68E1C4D32A6A}D:\gry\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=d:\gry\medal of honor\binaries\moh.exe |
"UDP Query User{412698B7-6CEF-42A7-A62B-6A74B5EED234}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{44256523-FD3D-492C-B514-B69B3DE10294}D:\gry\cs\counter-strike 1.6\hltv.exe" = protocol=17 | dir=in | app=d:\gry\cs\counter-strike 1.6\hltv.exe |
"UDP Query User{4B3E302E-E10C-4743-BB67-6419339A4108}D:\gry\cs\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\gry\cs\counter-strike 1.6\hl.exe |
"UDP Query User{5D54A359-0976-4627-BE93-F74A25573A71}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{7A58C588-1DAE-44D7-A642-90E347CE869A}D:\gry\call of duty - black ops\blackopsmp.exe" = protocol=17 | dir=in | app=d:\gry\call of duty - black ops\blackopsmp.exe |
"UDP Query User{83252613-7CB7-4857-B7EF-15214AB33D82}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{88005B2F-AD3F-463F-81AA-FC758587F378}D:\gry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\gry\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{8CAEB398-F34D-47BF-BEB9-A613BBC7CE4B}D:\fovnfsu2hfsm\fovnfsu2hfsm\speed2.exe" = protocol=17 | dir=in | app=d:\fovnfsu2hfsm\fovnfsu2hfsm\speed2.exe |
"UDP Query User{8D36FB27-56B0-42B9-BF06-C9B8BAA92617}D:\download\counter-strike 1.6\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\download\counter-strike 1.6\counter-strike 1.6\hl.exe |
"UDP Query User{8F531373-61E1-4DB4-8CCF-DEA38363BF22}D:\gry\cs\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\gry\cs\counter-strike 1.6\hl.exe |
"UDP Query User{9600E239-D240-4F12-90DD-A3EEAD992F64}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{99BBAB16-7524-432E-AD0D-3D0A74B8384D}D:\gry\fifa 10\fifa 10\fifa10.exe" = protocol=17 | dir=in | app=d:\gry\fifa 10\fifa 10\fifa10.exe |
"UDP Query User{9A48BFC7-6B71-418C-8B0E-980E6B1A1FE2}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{B787BF37-69F4-4871-9A31-BCB3DA844575}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe |
"UDP Query User{B818047B-9C80-4BA0-82BC-0283F25F50E3}C:\program files (x86)\axesstel\axessmanager\axessmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\axesstel\axessmanager\axessmanager.exe |
"UDP Query User{BC283DBA-EF09-4A76-A43F-EE0BA202C6AD}D:\gry\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=d:\gry\fifa 11\game\fifa.exe |
"UDP Query User{BD395C66-BA9A-4EAE-BAE5-D9F8115F252F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{C9300B82-913F-400C-99D9-D9564E47D835}C:\program files (x86)\gadu-gadu\gg.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gadu-gadu\gg.exe |
"UDP Query User{CDC95406-0CCD-41FC-B8BC-2C641ED4AA15}D:\gry\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=d:\gry\shift 2 unleashed\shift2u.exe |
"UDP Query User{D81D80B1-7D42-4E74-823F-4D6C3A13383C}D:\fear 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=d:\fear 3\f.e.a.r. 3.exe |
"UDP Query User{D8BE4A39-4DA9-4F20-88BE-A1D6D5F9FDBD}C:\program files (x86)\axesstel\axessmanager\axessmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\axesstel\axessmanager\axessmanager.exe |
"UDP Query User{E43F6796-1536-4137-8D6E-52967E2C1D48}D:\fear 3\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=d:\fear 3\f.e.a.r. 3.exe |
"UDP Query User{E9A51136-E893-475A-B78D-5C664DCD99C7}D:\gry\nfs\nfs11.exe" = protocol=17 | dir=in | app=d:\gry\nfs\nfs11.exe |
"UDP Query User{EA653D9C-FEDC-4E3F-AAD4-F88BAB638C13}D:\gry\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=d:\gry\fifa 11\game\fifa.exe |
"UDP Query User{ECEC2C10-9E74-423B-AB98-DAC459656368}C:\program files (x86)\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version5\teamviewer.exe |
"UDP Query User{EFBFC54D-595A-4CF4-A1B1-1A1C86285E69}D:\gry\fifa demo\game\fifa.exe" = protocol=17 | dir=in | app=d:\gry\fifa demo\game\fifa.exe |
"UDP Query User{F5864C7D-B8E5-4DAB-829E-1E46C788E9E3}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe |
"UDP Query User{F66383EB-2F42-4F73-B89A-DA4DD6A059E4}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BD776F3-057D-4C11-020C-4FA9B13D04F9}" = AMD Catalyst Install Manager
"{11947265-738E-42D1-A9C6-CFD2D7FAE5BE}" = HP Deskjet Ink Adv 2060 K110 Badanie ulepszeń produktu
"{28A0318C-B98D-B6B1-64D1-4E4755A8E668}" = AMD Drag and Drop Transcoding
"{463FB535-67FB-17C9-6FD6-164BC60462F6}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{55198058-B9BD-4574-8CD0-1E4EC1240B90}" = HP Deskjet Ink Adv 2060 K110 Podstawowe oprogramowanie urządzenia
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{69FDD045-DA24-CA41-8FD2-6B3A91F4EDEE}" = AMD Fuel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{A6FE29A0-622B-2763-88AA-D1E084F77CD9}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Pakiet sterowników systemu Windows - Nokia Modem (10/05/2009 4.2)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Pakiet sterowników systemu Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Creative VF0260" = Creative Live! Cam Vista IM Driver (1.11.02.00)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"WinRAR archiver" = Archiwizator WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00718491-55BF-46C6-83EF-4B3B95AC807A}" = SplitCam
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0205.1
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1A9C3B2E-360E-4353-8E17-312342E24194}" = Speed-Link SL-6535 USB Pad
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1AB7827A-977F-4AF2-BD5D-F1D2E5BF73E5}" = Nokia Firmware RM-133 EMEA
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{261A4762-744B-4C71-81D2-57FA5038DC7B}" = HP Deskjet Ink Adv 2060 K110 Pomoc
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{2F672AB6-053A-4F23-855F-F57F7BFBA163}_is1" = WGA Remover version 1.0
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{347151C4-7F16-B275-8865-CC6B64056D3F}" = Catalyst Control Center Graphics Previews Common
"{376ec3e5-df9d-43df-b440-79646faa1147}" = Nero 9 Trial
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{434D0FA0-AB8C-497F-B30A-7A1000018201}" = DiRT 3
"{434D0FA0-AB8C-497F-B30A-7A1000018202}" = DiRT 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 3.2
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{623B8278-8CAD-45C1-B844-58B687C07805}" = Bing Bar Platform
"{62AEBBB6-8314-7902-B3DA-1690F97DFA74}" = CCC Help English
"{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1" = Minecraft Auto wersja 1.0
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3E5F76-7DD4-4F59-9CD6-B0159622B353}" = Double Vibration steering wheel
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{88603FC0-6B3C-442D-981E-E3D49F083548}_is1" = NovaBench 3.0.3
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8F4507EF-C5F3-46CE-9718-9D3698821333}" = Motorola Driver Installation
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92DA4424-0CFB-44D1-A08B-B63D5D8BEFBC}_is1" = Phoenix Service Software 2010.8.4.41526
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E35B051-C7EE-47CB-BA43-9A7FFD4E61DE}" = OpenOffice.org 3.1
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.05
"{B52D7A21-03E5-4C0C-82FA-FD8EB4C92149}" = AxessManager
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) wersja v2011.build.49
"{BC85DD5F-1E88-4E38-B77F-0371DFD41045}" = Nero 7 Demo
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C01AE05C-3C8C-75B3-C9F0-1B525DD3697C}" = Catalyst Control Center InstallProxy
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F40963EC-223E-4E65-8CF0-A60E9A227245}_is1" = Prawo Jazdy ABCDT - egzamin wewnętrzny
"{F865B0B5-0D43-2704-0B22-35C5F721374B}" = AMD VISION Engine Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Alan Wake American Nightmare_is1" = Alan Wake American Nightmare
"ALLPlayer_is1" = ALLPlayer V4.X
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Babylon" = Babylon
"Browsers Protector" = Browsers Protector
"Civilization V PL" = Civilization V PL
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"CZATeriaKam" = CZATeriaKam 2.6.2
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dzielenie i łączenie plików_is1" = Dzielenie i łączenie plików v1.2.2
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.0.0 Home Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FontCreator6_is1" = High-Logic FontCreator 6.5
"Fraps" = Fraps
"funmoods" = Funmoods on IE and Chrome
"Gadu-Gadu" = Gadu-Gadu 7.7
"GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"HP Photo Creations" = HP Photo Creations
"Icy Tower v1.3.1_is1" = Icy Tower v1.3.1
"InstallShield_{6A3E5F76-7DD4-4F59-9CD6-B0159622B353}" = Double Vibration steering wheel
"InstallShield_{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"InstallShield_{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = PC Camera
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC17 (remove only)
"ipla" = ipla 2.3.5
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.9.0
"Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"Opera 11.64.1403" = Opera 11.64
"PartyPoker" = PartyPoker
"PDF Editor 3" = PDF Editor 3
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 15.0" = RealPlayer
"Rockstar Games Social Club" = Rockstar Games Social Club
"Searchqu Toolbar" = Searchqu Toolbar
"SopCast" = SopCast 3.2.9
"StartSearch Toolbar" = StartSearch Toolbar 1.3
"TeamViewer 5" = TeamViewer 5
"UltraISO_is1" = UltraISO Premium V9.36
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.3
"vShare" = vShare Plugin
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"GG" = GG
"Google Chrome" = Google Chrome
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2011-06-12 05:55:13 | Computer Name = Dominator | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .
Error - 2011-06-13 04:46:40 | Computer Name = Dominator | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .
Error - 2011-06-13 04:46:40 | Computer Name = Dominator | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .
Error - 2011-06-13 05:29:21 | Computer Name = Dominator | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
Error - 2011-06-13 18:01:14 | Computer Name = Dominator | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: iexplore.exe, wersja: 8.0.7600.16766,
sygnatura czasowa: 0x4d65d5c3 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0,
sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00480058
Identyfikator
procesu powodującego błąd: 0x12bc Godzina uruchomienia aplikacji powodującej błąd:
0x01cc2a1566269464 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu:
a7a8d65c-9608-11e0-9736-00241ddd900f
Error - 2011-06-14 06:17:21 | Computer Name = Dominator | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .
Error - 2011-06-14 06:17:21 | Computer Name = Dominator | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .
Error - 2011-06-14 07:49:20 | Computer Name = Dominator | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "C:\Program Files (x86)\Nokia\Nokia
PC Suite 7\TIS_Windows7PIM.dll". Nie można odnaleźć zestawu zależnego Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Użyj
narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę.
Error - 2011-06-15 09:22:02 | Computer Name = Dominator | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .
Error - 2011-06-15 09:22:02 | Computer Name = Dominator | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Nie można wyodrębnić listy głównej innych firm z pliku cab automatycznej
aktualizacji z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>,
wystąpił błąd: Wymagany certyfikat jest poza okresem ważności, co wynika z weryfikacji
bieżącego zegara systemowego lub sygnatury czasowej. .
[ Media Center Events ]
Error - 2011-05-10 07:41:03 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 13:41:03 - Błąd podczas nawiązywania połączenia z Internetem. 13:41:03
- Nie można skontaktować się z serwerem..
Error - 2011-05-10 07:41:45 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 13:41:32 - Błąd podczas nawiązywania połączenia z Internetem. 13:41:32
- Nie można skontaktować się z serwerem..
Error - 2011-05-10 08:42:16 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 14:42:16 - Błąd podczas nawiązywania połączenia z Internetem. 14:42:16
- Nie można skontaktować się z serwerem..
Error - 2011-05-10 08:42:46 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 14:42:45 - Błąd podczas nawiązywania połączenia z Internetem. 14:42:45
- Nie można skontaktować się z serwerem..
Error - 2011-05-10 09:43:19 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 15:43:19 - Błąd podczas nawiązywania połączenia z Internetem. 15:43:19
- Nie można skontaktować się z serwerem..
Error - 2011-05-10 09:43:52 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 15:43:48 - Błąd podczas nawiązywania połączenia z Internetem. 15:43:48
- Nie można skontaktować się z serwerem..
Error - 2011-05-10 10:44:23 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 16:44:23 - Błąd podczas nawiązywania połączenia z Internetem. 16:44:23
- Nie można skontaktować się z serwerem..
Error - 2011-05-10 10:44:53 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 16:44:52 - Błąd podczas nawiązywania połączenia z Internetem. 16:44:52
- Nie można skontaktować się z serwerem..
Error - 2011-06-21 07:23:03 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 13:23:03 - Błąd podczas nawiązywania połączenia z Internetem. 13:23:03
- Nie można skontaktować się z serwerem..
Error - 2011-06-21 07:23:11 | Computer Name = Dominator | Source = MCUpdate | ID = 0
Description = 13:23:08 - Błąd podczas nawiązywania połączenia z Internetem. 13:23:08
- Nie można skontaktować się z serwerem..
[ System Events ]
Error - 2012-08-23 09:30:51 | Computer Name = Dominator | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi eamonm z powodu następującego błędu: %%2
Error - 2012-08-23 09:34:58 | Computer Name = Dominator | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi eamonm z powodu następującego błędu: %%2
Error - 2012-08-24 05:00:22 | Computer Name = Dominator | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi eamonm z powodu następującego błędu: %%2
Error - 2012-08-24 13:09:58 | Computer Name = Dominator | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi eamonm z powodu następującego błędu: %%2
Error - 2012-08-25 09:51:03 | Computer Name = Dominator | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi eamonm z powodu następującego błędu: %%2
Error - 2012-08-25 10:17:59 | Computer Name = Dominator | Source = Service Control Manager | ID = 7034
Description = Usługa Portrait Displays Display Tune Service niespodziewanie zakończyła
pracę. Wystąpiło to razy: 1.
Error - 2012-08-25 10:21:50 | Computer Name = Dominator | Source = Service Control Manager | ID = 7030
Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System
jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego
ta usługa może nie działać właściwie.
Error - 2012-08-25 10:24:13 | Computer Name = Dominator | Source = Application Popup | ID = 1060
Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane
z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania
w celu uzyskania zgodnej wersji sterownika.
Error - 2012-08-25 10:24:13 | Computer Name = Dominator | Source = Application Popup | ID = 1060
Description = Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane
z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania
w celu uzyskania zgodnej wersji sterownika.
Error - 2012-08-25 10:25:09 | Computer Name = Dominator | Source = Service Control Manager | ID = 7030
Description = Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System
jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego
ta usługa może nie działać właściwie.
< End of report >
GMER:
- Kod: Zaznacz wszystko
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-25 17:40:03
Windows 6.1.7600
Running: p04g33zm.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8F 0xE7 0xF7 0x0B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files (x86)\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x24 0x2A 0x8B 0xB7 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x57 0x38 0xD8 0xB7 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD7 0x4F 0x31 0x17 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8F 0xE7 0xF7 0x0B ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files (x86)\Alcohol Soft\Alcohol 52\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x24 0x2A 0x8B 0xB7 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x57 0x38 0xD8 0xB7 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD7 0x4F 0x31 0x17 ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@E:\Gry\Battlefield 3\x2122\__Installer\vc\vc2008sp1\redist\vcredist_x64.exe 1
---- EOF - GMER 1.0.15 ----