Skocz do zawartości

  • 👋 Witaj na MPCForum!

    Przeglądasz forum jako gość, co oznacza, że wiele świetnych funkcji jest jeszcze przed Tobą! 😎

    • Pełny dostęp do działów i ukrytych treści
    • Możliwość pisania i odpowiadania w tematach
    • System prywatnych wiadomości
    • Zbieranie reputacji i rozwijanie swojego profilu
    • Członkostwo w jednej z największych społeczności graczy

    👉 Dołączenie zajmie Ci mniej niż minutę – a zyskasz znacznie więcej!

    Zarejestruj się teraz
  • 0

''Mój komputer'' sam się włącza

Ventual

Pytanie zadane przez Ventual ,

Pytanie

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

Opublikowano

''Mój komputer'' w sensie nie komputer tylko ten plik sam się włącza. Wcześniej włączał się jak kliknąłem chyba alt czy ctrl raz było jak kliknąłem przycisk myszy, a dzisiaj sam samoczynnie bez klikania żadnego przycisku się włącza i tak cały czas. Czym to może być spowodowane? Wirusy? Jak się tego problemu pozbyć? Nie można normalnie pograć.

36 odpowiedzi na to pytanie

Rekomendowane odpowiedzi

Nezvik Mentor

Nezvik

Opublikowano
Mentor

Nezvik

Opublikowano

Przeskanuj plik:

%SystemRoot%\System32\Drivers\altbw02j.SYS

 

W OTL pozaznaczaj wszędzie BRAK / ŻADNE na dole w opcjach skanowania wpisz:

 

msconfig

 

I kliknij skanuj. Wstaw log.

 

Tak szczerze to wszystko czyste.

Nezvik Mentor

Nezvik

Opublikowano
Mentor

Nezvik

Opublikowano

Niestety nie wiem o co chodzi. Wszelkie logi są czyste, brak infekcji. Brak czegokolwiek. Niestety niechętnie, aczkolwiek muszę zaproponować format dysku. 

Jeszcze zapytam, od jakiego czasu występuje ten problem?

Nezvik Mentor

Nezvik

Opublikowano
Mentor

Nezvik

Opublikowano

Bez sensu. Log OTL jest czysty.

Pobierz program GMER.

Po uruchomieniu zostanie wykonany krótki skan.
Następnie po prawej stronie zaznaczasz wszystkie fajki (w tym ADS), a w dyskach tylko dysk systemowy.
Następnie klikasz przycisk szukaj i log wstawiasz na forum.
 
Zwróć uwagę, czy przypadkiem podczas skanowania nie wyrzuci czegoś w stylu "Uwaga! Znaleziono wpis zmodyfikowany przez Rootkita!"
Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

Problem nie zniknął, dzisiaj było to samo.

 

Jeśli chodzi o hamachi to mogę w sumie odinstalować bo już nie potrzebuję. A pnkBstrB to chyba skrót punkbustera czy jakoś tak, program blokujący hacki w cod4.

 

Tutaj z rejestrem(teraz powinno być dobrze):

 

OTL logfile created on: 2014-03-28 11:07:31 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 38,79% Memory free
4,00 Gb Paging File | 1,73 Gb Available in Paging File | 43,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,11 Gb Total Space | 45,85 Gb Free Space | 46,73% Space Free | Partition Type: NTFS
Drive D: | 105,47 Gb Total Space | 36,66 Gb Free Space | 34,76% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-03-27 11:16:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
PRC - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-03-20 23:10:29 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014-03-19 16:13:58 | 005,325,152 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\LoLLauncher.exe
PRC - [2014-03-15 09:40:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-02-05 10:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-25 13:49:08 | 009,547,240 | ---- | M] (TeamSpeak Systems GmbH) -- D:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2013-07-14 21:21:00 | 000,074,752 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe
PRC - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012-10-29 17:56:14 | 001,300,376 | ---- | M] () -- D:\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\SpeedyDrive\mounter.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-03-20 23:10:27 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014-03-19 16:14:00 | 000,265,056 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\RiotLauncher.dll
MOD - [2014-03-19 16:13:58 | 005,325,152 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\LoLLauncher.exe
MOD - [2014-03-15 09:40:38 | 003,642,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-12-25 13:49:06 | 000,237,032 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2013-12-25 13:49:06 | 000,230,376 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2013-12-25 13:49:05 | 000,555,496 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
MOD - [2013-07-14 21:21:00 | 000,074,752 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe
MOD - [2013-07-14 21:14:54 | 004,774,248 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
MOD - [2012-10-29 17:56:14 | 001,300,376 | ---- | M] () -- D:\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2012-07-30 15:13:00 | 000,195,584 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qjpeg4.dll
MOD - [2012-07-30 15:13:00 | 000,025,600 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qgif4.dll
MOD - [2011-03-04 11:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011-03-04 11:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011-03-04 11:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-02-05 10:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008-07-29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-03-20 23:10:29 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-03-15 09:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-01-07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-02-07 13:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SpeedyDrive\mounter.exe -- (DokanMounter)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013-12-27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-09-10 17:33:10 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013-03-29 16:21:35 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012-12-26 19:40:05 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-11-16 13:56:48 | 000,209,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012-09-12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-03-14 07:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012-03-14 07:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-11 21:52:00 | 000,120,408 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-07-01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010-07-01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006-08-11 14:50:02 | 000,078,208 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync04.sys -- (sfsync04)
DRV:64bit: - [2006-07-05 13:48:19 | 000,077,688 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a)
DRV:64bit: - [2006-06-14 18:14:39 | 000,100,712 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02)
DRV:64bit: - [2006-06-14 15:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=BCF8001D7D2187AE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2832599&SearchSource=2&CUI=UN27808372543842215&UM=1&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre1.7.0_07\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefoxradka\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefoxradka\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-11-11 10:36:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-03-22 18:34:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-12-26 15:58:30 | 000,000,000 | ---D | M]
 
[2013-04-10 15:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Extensions
[2014-03-25 21:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions
[2014-03-24 22:07:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014-02-26 13:54:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2014-02-02 16:36:06 | 000,000,000 | ---D | M] ("Auto Refresh") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\autorefresh@plugin
[2014-03-25 21:20:37 | 000,000,000 | ---D | M] ("MEGA") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\[email protected]
[2014-03-25 21:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\staged
[2014-02-02 16:36:06 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\autorefresh@plugin.xpi
[2014-03-25 21:20:29 | 002,945,525 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\[email protected]
[2014-02-26 13:53:49 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-12-03 14:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-10-14 18:36:14 | 000,027,648 | ---- | M] (Ivo Software Sp. z o.O.) -- C:\Program Files (x86)\mozilla firefox\components\IvonaFirefoxToolbar.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=BCF8001D7D2187AE
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.delta-search.com/?babsrc=HP_ss&mntrId=BCF8001D7D2187AE&affID=119820&tsp=4939
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: 22find = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda\2.0.1_0\
CHR - Extension: Value apps = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\
CHR - Extension: Google Wallet = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.7.0_07\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.O.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.7.0_07\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.O.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.O.)
O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.O.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20759542-2AB4-44B2-9728-D70C6A02BFD5}: DhcpNameServer = 192.168.8.1 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll) -  File not found
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-10-29 21:21:08 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-03-27 11:16:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-25 20:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2014-03-22 19:04:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014-03-22 19:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014-03-22 19:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014-03-22 19:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014-03-22 19:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014-03-22 19:00:07 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014-03-22 02:07:44 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\OBS
[2014-03-17 22:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2014-03-14 21:45:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014-03-14 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
[2014-03-14 21:41:49 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\FIFA 14
[2014-03-14 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Setup Integrity Check
[2014-03-11 19:26:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\uTorrent
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Euro Truck Simulator 2
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2014-03-08 02:49:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\Ubisoft
[2014-03-08 02:17:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\InstallShield
[2014-03-05 19:29:34 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Rockstar Games
[2014-03-05 19:03:06 | 000,000,000 | RH-D | C] -- C:\Users\Adrian\AppData\Roaming\SecuROM
[2014-03-05 18:59:29 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Rockstar Games
[2014-03-04 18:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2014-03-04 15:31:16 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Desktop\igrzyska grafika
[2014-03-03 18:03:06 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:56 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 15:39:47 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA Corporation
[2014-03-03 15:35:58 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-03-03 15:35:57 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-03-03 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA
[2014-03-03 15:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014-03-03 15:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014-03-03 15:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014-03-03 15:33:48 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-03-03 15:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014-03-03 15:33:09 | 006,712,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014-03-03 15:33:09 | 003,498,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014-03-03 15:33:09 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014-03-03 15:33:09 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014-03-03 15:33:09 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014-03-03 15:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014-03-03 15:29:39 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014-03-03 15:29:39 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014-03-03 15:29:39 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014-03-03 15:29:38 | 018,257,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014-03-03 15:29:38 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014-03-03 15:29:35 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-03-03 15:29:34 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-03-03 15:29:34 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-03-03 15:29:34 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-03-03 15:29:34 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014-03-03 15:29:34 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014-03-03 15:29:34 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-03-03 15:29:34 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-03-03 15:29:34 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-03-03 15:29:34 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-03-03 15:29:33 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-03-03 15:29:33 | 014,669,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014-03-03 15:29:33 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-03-03 15:29:33 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-03-03 15:29:33 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-03-03 15:29:33 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-03-03 15:29:33 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014-03-03 15:29:33 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014-03-03 15:29:32 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-03-03 15:29:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-03-03 15:29:32 | 003,090,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014-03-03 15:29:32 | 002,713,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014-03-03 15:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014-03-03 15:25:21 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014-03-01 21:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014-03-28 11:07:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-03-28 10:54:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\FoxTab.job
[2014-03-28 10:46:03 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-03-28 09:33:58 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-03-28 09:33:58 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-03-28 09:26:43 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-03-28 09:26:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-03-28 09:26:31 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2014-03-27 23:18:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-204788556-4053771484-397145501-1001UA.job
[2014-03-27 22:20:15 | 000,015,540 | ---- | M] () -- C:\Users\Adrian\Desktop\5e.jpg
[2014-03-27 19:43:56 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-27 19:43:56 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014-03-27 13:23:11 | 004,882,180 | ---- | M] () -- C:\Users\Adrian\Desktop\Martin Garrix - Animals (Original Mix).mp3
[2014-03-27 11:18:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-204788556-4053771484-397145501-1001Core.job
[2014-03-27 11:16:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-25 20:04:02 | 000,001,303 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-25 19:00:42 | 002,194,310 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-03-25 19:00:42 | 001,195,598 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-03-25 19:00:42 | 000,651,038 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-03-25 19:00:42 | 000,601,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-03-25 19:00:41 | 000,006,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-03-23 08:43:14 | 004,864,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-03-22 19:13:45 | 000,015,360 | ---- | M] () -- C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-03-22 17:21:10 | 017,341,091 | ---- | M] () -- C:\Users\Adrian\Desktop\Podkład.mp3
[2014-03-20 23:10:29 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-03-20 23:10:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-03-19 21:26:43 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-17 22:12:06 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[2014-03-14 21:41:54 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-14 14:51:33 | 000,014,032 | ---- | M] () -- C:\Users\Adrian\Desktop\1924576_633164986732504_88733881_n.jpg
[2014-03-13 17:58:42 | 000,068,340 | ---- | M] () -- C:\Users\Adrian\Desktop\FC-Barcelona-Logo-Wallpaper-fc-barcelona-22614314-500-400.jpg
[2014-03-13 17:51:01 | 000,000,889 | ---- | M] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | M] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | M] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-04 18:14:29 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014-03-04 14:55:02 | 000,001,496 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2014-03-03 18:02:51 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 18:02:50 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:50 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-03-03 18:02:49 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-02-26 21:23:24 | 000,018,123 | ---- | M] () -- C:\Users\Adrian\Desktop\Wszystko i nic.jnt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014-03-27 22:20:12 | 000,015,540 | ---- | C] () -- C:\Users\Adrian\Desktop\5e.jpg
[2014-03-27 13:23:08 | 004,882,180 | ---- | C] () -- C:\Users\Adrian\Desktop\Martin Garrix - Animals (Original Mix).mp3
[2014-03-25 20:04:02 | 000,001,303 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-22 17:21:03 | 017,341,091 | ---- | C] () -- C:\Users\Adrian\Desktop\Podkład.mp3
[2014-03-19 21:26:43 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-03-19 21:26:43 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-18 20:55:50 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-14 21:41:54 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-14 14:51:31 | 000,014,032 | ---- | C] () -- C:\Users\Adrian\Desktop\1924576_633164986732504_88733881_n.jpg
[2014-03-13 17:58:41 | 000,068,340 | ---- | C] () -- C:\Users\Adrian\Desktop\FC-Barcelona-Logo-Wallpaper-fc-barcelona-22614314-500-400.jpg
[2014-03-13 17:51:01 | 000,000,889 | ---- | C] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | C] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | C] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-04 18:14:29 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014-03-03 15:29:34 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014-02-07 16:41:31 | 000,001,496 | ---- | C] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2013-12-15 20:30:54 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013-10-15 15:56:06 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-04-29 14:53:44 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013-02-15 17:47:13 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\H@tKeysH@@k.DLL
[2013-01-13 21:57:28 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-01-13 21:57:25 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2013-01-12 23:30:07 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-12-27 19:55:53 | 000,015,360 | ---- | C] () -- C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-27 19:00:55 | 000,006,612 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-11-19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012-11-19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2002-08-08 00:13:02 | 000,319,488 | R--- | C] () -- C:\Users\Adrian\AppData\Roaming\MafiaSetup.exe
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

 

OTL logfile created on: 2014-03-29 22:58:30 - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 38,29% Memory free
4,00 Gb Paging File | 2,50 Gb Available in Paging File | 62,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,11 Gb Total Space | 45,75 Gb Free Space | 46,63% Space Free | Partition Type: NTFS
Drive D: | 105,47 Gb Total Space | 56,48 Gb Free Space | 53,55% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AlcoholAutomount - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Adrian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
MsConfig:64bit - StartUpReg: IVONA Reader - hkey= - key= - D:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe (IVO Software Sp. z o.O.)
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: screenSHU - hkey= - key= - C:\Program Files (x86)\screenSHU\screenSHU.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.

< End of report >

 

 

A tego pliku altbw02j.SYS nie mogę znaleźć.

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

OTL to to co wstawiałem na samym początku:

 

OTL:

 

 

OTL logfile created on: 2014-03-28 11:07:31 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 38,79% Memory free
4,00 Gb Paging File | 1,73 Gb Available in Paging File | 43,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,11 Gb Total Space | 45,85 Gb Free Space | 46,73% Space Free | Partition Type: NTFS
Drive D: | 105,47 Gb Total Space | 36,66 Gb Free Space | 34,76% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-03-27 11:16:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
PRC - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-03-20 23:10:29 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014-03-19 16:13:58 | 005,325,152 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\LoLLauncher.exe
PRC - [2014-03-15 09:40:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-02-05 10:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-25 13:49:08 | 009,547,240 | ---- | M] (TeamSpeak Systems GmbH) -- D:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2013-07-14 21:21:00 | 000,074,752 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe
PRC - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012-10-29 17:56:14 | 001,300,376 | ---- | M] () -- D:\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\SpeedyDrive\mounter.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-03-20 23:10:27 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014-03-19 16:14:00 | 000,265,056 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\RiotLauncher.dll
MOD - [2014-03-19 16:13:58 | 005,325,152 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\LoLLauncher.exe
MOD - [2014-03-15 09:40:38 | 003,642,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-12-25 13:49:06 | 000,237,032 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2013-12-25 13:49:06 | 000,230,376 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2013-12-25 13:49:05 | 000,555,496 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
MOD - [2013-07-14 21:21:00 | 000,074,752 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe
MOD - [2013-07-14 21:14:54 | 004,774,248 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
MOD - [2012-10-29 17:56:14 | 001,300,376 | ---- | M] () -- D:\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2012-07-30 15:13:00 | 000,195,584 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qjpeg4.dll
MOD - [2012-07-30 15:13:00 | 000,025,600 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qgif4.dll
MOD - [2011-03-04 11:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011-03-04 11:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011-03-04 11:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-02-05 10:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008-07-29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-03-20 23:10:29 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-03-15 09:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-01-07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-02-07 13:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SpeedyDrive\mounter.exe -- (DokanMounter)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013-12-27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-09-10 17:33:10 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013-03-29 16:21:35 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012-12-26 19:40:05 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-11-16 13:56:48 | 000,209,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012-09-12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-03-14 07:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012-03-14 07:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-11 21:52:00 | 000,120,408 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-07-01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010-07-01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006-08-11 14:50:02 | 000,078,208 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync04.sys -- (sfsync04)
DRV:64bit: - [2006-07-05 13:48:19 | 000,077,688 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a)
DRV:64bit: - [2006-06-14 18:14:39 | 000,100,712 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02)
DRV:64bit: - [2006-06-14 15:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=BCF8001D7D2187AE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2832599&SearchSource=2&CUI=UN27808372543842215&UM=1&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre1.7.0_07\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefoxradka\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefoxradka\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-11-11 10:36:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-03-22 18:34:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-12-26 15:58:30 | 000,000,000 | ---D | M]
 
[2013-04-10 15:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Extensions
[2014-03-25 21:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions
[2014-03-24 22:07:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014-02-26 13:54:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2014-02-02 16:36:06 | 000,000,000 | ---D | M] ("Auto Refresh") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\autorefresh@plugin
[2014-03-25 21:20:37 | 000,000,000 | ---D | M] ("MEGA") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\[email protected]
[2014-03-25 21:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\staged
[2014-02-02 16:36:06 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\autorefresh@plugin.xpi
[2014-03-25 21:20:29 | 002,945,525 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\[email protected]
[2014-02-26 13:53:49 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-12-03 14:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-10-14 18:36:14 | 000,027,648 | ---- | M] (Ivo Software Sp. z o.O.) -- C:\Program Files (x86)\mozilla firefox\components\IvonaFirefoxToolbar.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=BCF8001D7D2187AE
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.delta-search.com/?babsrc=HP_ss&mntrId=BCF8001D7D2187AE&affID=119820&tsp=4939
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: 22find = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda\2.0.1_0\
CHR - Extension: Value apps = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\
CHR - Extension: Google Wallet = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.7.0_07\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.O.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.7.0_07\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.O.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.O.)
O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.O.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20759542-2AB4-44B2-9728-D70C6A02BFD5}: DhcpNameServer = 192.168.8.1 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll) -  File not found
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-10-29 21:21:08 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-03-27 11:16:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-25 20:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2014-03-22 19:04:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014-03-22 19:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014-03-22 19:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014-03-22 19:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014-03-22 19:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014-03-22 19:00:07 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014-03-22 02:07:44 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\OBS
[2014-03-17 22:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2014-03-14 21:45:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014-03-14 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
[2014-03-14 21:41:49 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\FIFA 14
[2014-03-14 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Setup Integrity Check
[2014-03-11 19:26:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\uTorrent
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Euro Truck Simulator 2
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2014-03-08 02:49:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\Ubisoft
[2014-03-08 02:17:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\InstallShield
[2014-03-05 19:29:34 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Rockstar Games
[2014-03-05 19:03:06 | 000,000,000 | RH-D | C] -- C:\Users\Adrian\AppData\Roaming\SecuROM
[2014-03-05 18:59:29 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Rockstar Games
[2014-03-04 18:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2014-03-04 15:31:16 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Desktop\igrzyska grafika
[2014-03-03 18:03:06 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:56 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 15:39:47 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA Corporation
[2014-03-03 15:35:58 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-03-03 15:35:57 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-03-03 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA
[2014-03-03 15:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014-03-03 15:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014-03-03 15:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014-03-03 15:33:48 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-03-03 15:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014-03-03 15:33:09 | 006,712,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014-03-03 15:33:09 | 003,498,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014-03-03 15:33:09 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014-03-03 15:33:09 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014-03-03 15:33:09 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014-03-03 15:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014-03-03 15:29:39 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014-03-03 15:29:39 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014-03-03 15:29:39 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014-03-03 15:29:38 | 018,257,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014-03-03 15:29:38 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014-03-03 15:29:35 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-03-03 15:29:34 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-03-03 15:29:34 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-03-03 15:29:34 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-03-03 15:29:34 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014-03-03 15:29:34 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014-03-03 15:29:34 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-03-03 15:29:34 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-03-03 15:29:34 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-03-03 15:29:34 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-03-03 15:29:33 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-03-03 15:29:33 | 014,669,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014-03-03 15:29:33 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-03-03 15:29:33 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-03-03 15:29:33 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-03-03 15:29:33 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-03-03 15:29:33 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014-03-03 15:29:33 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014-03-03 15:29:32 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-03-03 15:29:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-03-03 15:29:32 | 003,090,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014-03-03 15:29:32 | 002,713,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014-03-03 15:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014-03-03 15:25:21 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014-03-01 21:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014-03-28 11:07:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-03-28 10:54:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\FoxTab.job
[2014-03-28 10:46:03 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-03-28 09:33:58 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-03-28 09:33:58 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-03-28 09:26:43 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-03-28 09:26:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-03-28 09:26:31 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2014-03-27 23:18:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-204788556-4053771484-397145501-1001UA.job
[2014-03-27 22:20:15 | 000,015,540 | ---- | M] () -- C:\Users\Adrian\Desktop\5e.jpg
[2014-03-27 19:43:56 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-27 19:43:56 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014-03-27 13:23:11 | 004,882,180 | ---- | M] () -- C:\Users\Adrian\Desktop\Martin Garrix - Animals (Original Mix).mp3
[2014-03-27 11:18:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-204788556-4053771484-397145501-1001Core.job
[2014-03-27 11:16:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-25 20:04:02 | 000,001,303 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-25 19:00:42 | 002,194,310 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-03-25 19:00:42 | 001,195,598 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-03-25 19:00:42 | 000,651,038 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-03-25 19:00:42 | 000,601,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-03-25 19:00:41 | 000,006,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-03-23 08:43:14 | 004,864,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-03-22 19:13:45 | 000,015,360 | ---- | M] () -- C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-03-22 17:21:10 | 017,341,091 | ---- | M] () -- C:\Users\Adrian\Desktop\Podkład.mp3
[2014-03-20 23:10:29 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-03-20 23:10:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-03-19 21:26:43 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-17 22:12:06 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[2014-03-14 21:41:54 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-14 14:51:33 | 000,014,032 | ---- | M] () -- C:\Users\Adrian\Desktop\1924576_633164986732504_88733881_n.jpg
[2014-03-13 17:58:42 | 000,068,340 | ---- | M] () -- C:\Users\Adrian\Desktop\FC-Barcelona-Logo-Wallpaper-fc-barcelona-22614314-500-400.jpg
[2014-03-13 17:51:01 | 000,000,889 | ---- | M] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | M] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | M] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-04 18:14:29 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014-03-04 14:55:02 | 000,001,496 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2014-03-03 18:02:51 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 18:02:50 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:50 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-03-03 18:02:49 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-02-26 21:23:24 | 000,018,123 | ---- | M] () -- C:\Users\Adrian\Desktop\Wszystko i nic.jnt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014-03-27 22:20:12 | 000,015,540 | ---- | C] () -- C:\Users\Adrian\Desktop\5e.jpg
[2014-03-27 13:23:08 | 004,882,180 | ---- | C] () -- C:\Users\Adrian\Desktop\Martin Garrix - Animals (Original Mix).mp3
[2014-03-25 20:04:02 | 000,001,303 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-22 17:21:03 | 017,341,091 | ---- | C] () -- C:\Users\Adrian\Desktop\Podkład.mp3
[2014-03-19 21:26:43 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-03-19 21:26:43 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-18 20:55:50 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-14 21:41:54 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-14 14:51:31 | 000,014,032 | ---- | C] () -- C:\Users\Adrian\Desktop\1924576_633164986732504_88733881_n.jpg
[2014-03-13 17:58:41 | 000,068,340 | ---- | C] () -- C:\Users\Adrian\Desktop\FC-Barcelona-Logo-Wallpaper-fc-barcelona-22614314-500-400.jpg
[2014-03-13 17:51:01 | 000,000,889 | ---- | C] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | C] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | C] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-04 18:14:29 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014-03-03 15:29:34 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014-02-07 16:41:31 | 000,001,496 | ---- | C] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2013-12-15 20:30:54 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013-10-15 15:56:06 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-04-29 14:53:44 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013-02-15 17:47:13 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\H@tKeysH@@k.DLL
[2013-01-13 21:57:28 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-01-13 21:57:25 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2013-01-12 23:30:07 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-12-27 19:55:53 | 000,015,360 | ---- | C] () -- C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-27 19:00:55 | 000,006,612 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-11-19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012-11-19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2002-08-08 00:13:02 | 000,319,488 | R--- | C] () -- C:\Users\Adrian\AppData\Roaming\MafiaSetup.exe
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 

 

A tu extras przed chwilą wstawiłem:

 

 

OTL Extras logfile created on: 2014-03-28 11:07:31 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,78 Gb Available Physical Memory | 38,79% Memory free
4,00 Gb Paging File | 1,73 Gb Available in Paging File | 43,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,11 Gb Total Space | 45,85 Gb Free Space | 46,73% Space Free | Partition Type: NTFS
Drive D: | 105,47 Gb Total Space | 36,66 Gb Free Space | 34,76% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Radek\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Radek\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A47B8F-6503-4E75-8271-73B057001602}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0789166E-85CC-468A-B8A4-A2EB4275F920}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{096CAB90-9FEA-4F55-ABA9-A58A6811C759}" = lport=138 | protocol=17 | dir=in | app=system |
"{1066B08B-64EC-4E36-8270-82DE6BA52855}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CA18834-3DCC-486D-9AFE-9D1667659CD7}" = rport=445 | protocol=6 | dir=out | app=system |
"{1F6AE59C-B7DA-49AE-B384-74D1D9D5FE7E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{33B5B44E-FC3D-4916-BFF8-AE06D14C6006}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3ECD4925-FB8D-4D70-B3FB-7D6B8020C019}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{49630462-4E7F-4F3F-AED1-AB2F5C7903E8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5284568C-127D-4024-BC7B-7BE1A07F19FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5ACE7C69-F7BD-4954-8F70-2C56281DBF4E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5BE06247-18F8-4BAF-903E-0E191FFC3BFC}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5E187198-51D6-4101-9A03-791A0CD12A1D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5EB73E9A-6630-44E6-8CDB-F1ADC3A48CEA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5F102960-7D04-45D1-9020-48E893D8C81F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B6FA065-FCB5-402D-A8F5-BC7BE45B118C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7D433A43-4A9F-4539-9DC2-BBCE13A1597C}" = lport=137 | protocol=17 | dir=in | app=system |
"{864A4E42-ACFC-4E0D-BBE6-F3B283EF7EB8}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{90FC1ED5-2E1F-47DF-8B68-F16EA5EA37DA}" = rport=139 | protocol=6 | dir=out | app=system |
"{92E79F44-26DD-49E9-9B09-CBF03D9CC230}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7943FB6-073F-4778-B5EC-258E9BA836E3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B84A383A-228D-4DEA-A42C-FC5654611620}" = rport=138 | protocol=17 | dir=out | app=system |
"{CA1A8830-DE76-4222-8BED-1130AA51B942}" = lport=139 | protocol=6 | dir=in | app=system |
"{CB589772-FD6C-46CC-8469-E91EEF645C59}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CBABC607-FE55-47BE-B387-AB3F98AC0B67}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE3AEDDF-303F-4930-8A7E-0D511335FA27}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E62F5D4F-E842-4E55-9EC0-DE5F2264290A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E8D7786D-95A3-4620-97CA-8314F42DE02A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E9AD6D62-5E15-4147-BBF0-8BE4880C6428}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F2DBF817-0A0A-4533-B380-87B0FDC506FD}" = lport=445 | protocol=6 | dir=in | app=system |
"{FAD95741-AEB2-4456-913E-2526FCFA1E1F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{081AE6A1-EE4A-49C3-AF61-456B296704FB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0E753D72-ABA8-48D6-B4F5-66101D08200B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0EB38C1D-6114-47A5-9480-FD9A758B1E93}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{0EB7C8C0-1FD7-4FD5-BBD4-72CD46B9E115}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{139398FD-9A75-4863-8622-2E589E1EF276}" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{18180828-5D86-4881-B420-28F348DF1736}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{1AB7F3EC-4A58-4179-A706-4A3D80A55433}" = protocol=1 | dir=out | [email protected],-28544 |
"{1BFDA18F-51B3-48A1-8037-5EFB9D9354B0}" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{212342FF-4FE1-4494-AAFC-5ABB5EB10842}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2332BC28-89A0-426C-A7CA-ADE3B14170EC}" = dir=in | app=c:\users\adrian\appdata\local\microsoft\skydrive\skydrive.exe |
"{2854CD65-369E-4E8E-B59D-8950112DF5DE}" = protocol=6 | dir=in | app=d:\dreikon bs\metin2.bin |
"{2C08CBB0-9B27-42DB-8708-6C02C3B3940C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2E759A36-0E03-4367-B1E1-5DD1F13A1C4B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F497D7E-DC49-4744-AF0A-A5E5F283E7CF}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{32240F28-76E7-42B4-B675-E43A6957FF16}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{3386C18B-2CF7-4C02-9932-52F4761F1D47}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{360DA03C-CDBB-4268-9B08-E870A87CFDC2}" = protocol=58 | dir=in | [email protected],-28545 |
"{3A66B4A4-7628-44E8-A791-E15FF8742BB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3AB29EA3-3547-4F4D-8D68-9EDA0753208E}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{3ABEC727-6F64-45E9-BB07-2F0E57128E2F}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"{3F02E261-8DF9-4C65-B6CE-E211D8081D7B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3F1E8392-875B-435F-A77D-F9C75C561EB9}" = protocol=6 | dir=in | app=d:\kmr priv\dreikon.exe |
"{3FDD9A09-3BB7-4BF0-9D87-8CD6F7584505}" = protocol=6 | dir=in | app=c:\users\adrian\appdata\roaming\utorrent\utorrent.exe |
"{4367A649-6023-4198-ADE3-852AD3662BD8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{496CB7D8-5A07-481F-93EC-EFB78B76BC39}" = protocol=17 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
"{4CEF12E1-1B3B-4F5A-A13D-E79002067DA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D5B7522-478E-496B-9A48-09447C1BDFB4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{523E539D-5B7D-41AF-B668-0DF7C9A3ECFC}" = protocol=6 | dir=in | app=d:\games\fifa 14\game\fifa14.exe |
"{533EB30C-3649-40A5-8133-267F5EAB2A3E}" = protocol=6 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"{5415165E-D255-4B68-9BBC-100B95ED74C6}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"{5DEDA912-C6CF-419A-8FE7-E541431A698D}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"{62940A1D-1C49-41DC-9F90-420930146BD7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6631613A-F64F-40E4-B6C0-48534FA16413}" = protocol=17 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"{665F1CCC-B6B4-466D-89DD-91153DF616D5}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"{6B9BAB09-49C5-4932-AD7F-D748BDA2326F}" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{72246660-7F87-4F8B-8BF1-E00B26D8FFC1}" = protocol=17 | dir=in | app=d:\dreikon bs\metin2.bin |
"{723E109D-4551-4769-AE36-84B4FE6B5509}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7F062C4E-7ABB-4B1C-BBB0-8C76914388AC}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"{7FF98FF0-FFFA-4313-BDB8-C905CAEA6D7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{81935A97-FF0C-4585-B7E8-FC6762D513AD}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{83CB34B7-9677-4FF3-8765-48DB8D9B6774}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{86C2BCB8-11BD-4B15-88DE-C5FB5A9C540B}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"{88FC2BD4-DD59-431A-AB14-31106250D433}" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{8981295B-9183-4B94-86C0-1BC946927442}" = protocol=1 | dir=in | [email protected],-28543 |
"{89F571D6-5AC0-4BB8-9AAF-A564F256E867}" = protocol=17 | dir=in | app=c:\users\adrian\appdata\roaming\utorrent\utorrent.exe |
"{90359D46-AE16-4B72-84DF-2BA4490AE71E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{90FB5DA6-6951-4C2A-AE86-1143193FFF86}" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{91E92A2E-C219-47F1-B546-585C69A279BA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{928FF9A0-D729-4A8D-921C-A3166D9D464D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{95296C28-5EE4-43B6-B3BA-457C53672E98}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\utorrent.exe |
"{958411AB-5981-470C-BBEC-DA1AA659B4D9}" = protocol=17 | dir=in | app=d:\kmr priv\dreikon.exe |
"{96E0ABD5-B02D-47EA-A8E6-7462E4CBD724}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A4EC53D6-6790-4888-B24F-BB821BFCF4BB}" = dir=in | app=c:\users\adrian\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{AF32B5AE-C464-4DB7-B367-86E21F4CCB44}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{B054C8B3-888D-4DD0-9481-CD3DF5CF882E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B305A452-7627-41D1-9B64-9C5F14ECCE9B}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{BBEBC49C-2831-40FF-B20C-66791421DEB5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4C27C6F-FB04-4A49-A01E-BA4733D33BCF}" = protocol=6 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
"{C60DE775-9B3E-4B97-B43E-BD9ABE355ED0}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\utorrent.exe |
"{C90C0006-2F8B-4249-A1A2-4E5374B1C13E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CBFF4F13-EC61-4711-89D8-450E8F76BD16}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{D04A256C-D04A-42B4-8153-FC8E9EDFC3E6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D09068EF-6985-41B7-B91F-5206FC72C5F5}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{D4D988AB-D2FC-4A78-8315-A8EA3B025772}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D754D9C0-4DE6-4694-8891-7929E4656D57}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{DA5B1304-FDF2-4B7C-99ED-32732C85F27B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DB086535-D999-468A-937F-9E266028640A}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{DC7A5B30-1E3B-431A-959C-E0A6D58F809E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DE1223ED-6DE9-445A-90FA-7A5290238A21}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{DF1D4A07-FB4F-4B2D-A13E-C54AB66531F6}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{E010D3F8-D71A-4C2E-B376-9263D4509CB3}" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{E038F26C-ECE0-468C-94F2-40532DE5C487}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E1A08201-80F9-431B-8698-12011856B01D}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"{E4B74B97-CA8D-472A-B994-0FE34B6D99F4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E58FA32E-FF98-4997-9D70-948C4AEFAA14}" = protocol=6 | dir=out | app=system |
"{E8AE353E-D725-465D-A522-8F2CB8AE30B5}" = protocol=58 | dir=in | app=system |
"{E8D3BB2F-BFA5-4B58-B9FD-72F136347F00}" = protocol=58 | dir=out | [email protected],-503 |
"{E9508320-00D6-402C-A9D7-2E571DD0BBB3}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{F007EA88-3D72-4847-AECD-8BA24D841230}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{F088C314-2A2C-4723-8531-AB9010A1B9CF}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{F200155A-45DE-40F1-8831-6E1868D2795F}" = protocol=17 | dir=in | app=d:\games\fifa 14\game\fifa14.exe |
"{F63AE892-4F6C-482C-B91F-80AF0C4EB03D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{FD92C673-F18D-443F-8D84-50A93AD32260}" = protocol=58 | dir=out | [email protected],-28546 |
"TCP Query User{0DE052E4-D9A4-483F-B729-390090B8014C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{1313F8E3-AE22-4743-895C-5EE1CFDF8723}D:\kmr priv\dreikon.exe" = protocol=6 | dir=in | app=d:\kmr priv\dreikon.exe |
"TCP Query User{19FCA63C-9719-4573-A620-CB843C899BA6}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"TCP Query User{1EFADEF6-5E64-46DE-B869-D6F979765657}D:\games\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\games\counter-strike\hl.exe |
"TCP Query User{2AD9F6FA-7854-497F-A5B5-DAE85453E3D0}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"TCP Query User{35207AA6-AB53-40A8-BF69-03F57A1A20D0}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{796A6153-029A-4CCB-97F4-F2876B5EC059}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{7A946398-EB93-4A1D-8BF9-43A9839B7158}C:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe" = protocol=6 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"TCP Query User{80553FBD-E7D6-405F-9B69-AA897B457212}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{8702DC22-78EB-4E90-88EC-08BCE17CEA65}C:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe |
"TCP Query User{99B01F3C-04CF-44F9-BD97-9C7C88EED4CC}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{B4040B54-0BD2-4FAB-9553-C7C069542B02}D:\dreikon bs\metin2.bin" = protocol=6 | dir=in | app=d:\dreikon bs\metin2.bin |
"TCP Query User{B49B3182-A5E6-412F-8D64-B454D6E32F21}D:\kmr priv\pandoramt2 (bez patchera).exe" = protocol=6 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
"TCP Query User{BE702BA9-EE87-4041-9648-E5F8F9922EBB}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{C37A606E-DEB8-4D4E-B540-DEDF14AFFA92}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{DCEB9779-63CF-45B2-9E4D-071A49515EB9}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{DF30E941-1996-4976-B2FE-0D57D7A595DE}D:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{E0541D3E-4340-43BE-8EBD-EFAF762D7AD8}D:\program files (x86)\gadu-gadu 10x\gg.exe" = protocol=6 | dir=in | app=d:\program files (x86)\gadu-gadu 10x\gg.exe |
"TCP Query User{F26FE599-F4A6-4A7F-A07C-93AA239D5691}D:\games\counter strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\games\counter strike 1.6\hl.exe |
"TCP Query User{F8B2B030-35FE-4419-8FCC-B94A5303D29A}D:\dreikon\dreikon\metin2.bin" = protocol=6 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"UDP Query User{0BC4D20B-44C7-4FD4-88A9-9981248644C0}D:\games\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\games\counter-strike\hl.exe |
"UDP Query User{12B891B8-0C1D-447F-B277-5620317C06AE}D:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{137884C4-8079-4442-8AF0-AA51422B9B26}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{2E219EFE-27CC-4F1D-862D-32267617D3C3}D:\dreikon bs\metin2.bin" = protocol=17 | dir=in | app=d:\dreikon bs\metin2.bin |
"UDP Query User{46AB8D12-3E7A-428C-BC26-967C626032E1}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{51456793-AFB6-4CFD-9B35-F760D52252B5}C:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe" = protocol=17 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"UDP Query User{635BE21D-1EBF-485D-8976-458D3B7BC95E}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{669C6B99-4113-43D2-8F1A-661AFC4F0938}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"UDP Query User{6723ACD3-8A36-4EFF-B697-8C52F40A5B16}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"UDP Query User{76ADC31E-3D72-4F01-BF5B-8C0177700927}D:\dreikon\dreikon\metin2.bin" = protocol=17 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"UDP Query User{76D971E7-C4CA-4F97-8049-FE4BD04148B7}D:\program files (x86)\gadu-gadu 10x\gg.exe" = protocol=17 | dir=in | app=d:\program files (x86)\gadu-gadu 10x\gg.exe |
"UDP Query User{881D214A-E365-401B-B736-5CDA6167800D}D:\games\counter strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\games\counter strike 1.6\hl.exe |
"UDP Query User{8DD193AF-BA77-458A-891B-8FE413D1D660}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{967D4291-E5F3-4F35-B230-2E379D67F969}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{A384278D-BCCE-4881-B0A5-8B61FD5822A6}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{B25B74F1-531A-4C60-8A68-7A6A0299B180}D:\kmr priv\dreikon.exe" = protocol=17 | dir=in | app=d:\kmr priv\dreikon.exe |
"UDP Query User{C69D5FEE-C0CA-4286-A3F2-3389C57DB15C}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{DDFD6692-674D-4327-A16C-C5FF067E1BBA}C:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe |
"UDP Query User{EB5ABFEC-D1FE-42C0-9760-1CE813920B44}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{F9E4DA17-063F-428C-AD58-CE07212F7B95}D:\kmr priv\pandoramt2 (bez patchera).exe" = protocol=17 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417007F0}" = Java 7 Update 7 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{40E81D3B-376B-40D2-BCB7-BE43D277F11F}" = Microsoft SQL Server 2008 Native Client
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4E99A992-BF07-48AE-B0C6-5500F54EA3DA}" = Enregistreur VSS Microsoft SQL Server
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{64A3A4F4-B792-11D6-A78A-00B0D0170100}" = Java SE Development Kit 7 Update 10 (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8629276E-DDE1-49AE-9329-699D253DA091}" = ESET NOD32 Antivirus
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{91140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK
"{94C42BE9-B62A-3558-A793-AD49B354F7AA}" = Microsoft .NET Framework 4.5 PLK Language Pack
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{BD422D00-5232-11E3-A6F3-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{C2B8CBDE-5232-11E3-B494-F04DA23A5C58}" = MSVCRT Redists
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC042023-D225-3E2F-B60C-448F5F69B9FB}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - FRA
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{FCE145AD-C3AD-34F3-9012-4CB5E1B2029E}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - fra
"8461-7759-5462-8226" = Vuze
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.67.1
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - FRA" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - Français
"Office14.POWERPOINTR" = Microsoft PowerPoint 2010 dla Użytkowników Domowych i Uczniów
"Opera 12.14.1738" = Opera 12.14
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Unlocker" = Unlocker 1.9.2
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"WinRAR archiver" = WinRAR 4.20 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1026DF85-1C0F-4839-888E-EB9D5B73CF46}" = Windows Live Writer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{23D448C7-7DC7-4C15-B47D-C99364501F07}" = Microsoft SQL Server 2008 Database Engine Services
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{37FDD121-C443-4FD3-A213-2449B397C068}" = Windows Live Messenger
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4401409D-25F1-4E85-8A3C-6BA6FFCFBFED}" = Microsoft SQL Server 2008 Browser
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4C3FF4F7-6033-3129-8D21-9FC8C8B82D65}" = Microsoft Visual C++ 2008 Express Edition with SP1 - FRA
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{4E55905B-849D-4633-9267-3EC77E24221A}" = Poczta usługi Windows Live
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{51DE0B73-7A33-41B8-9183-8321D40815E0}" = Microsoft SQL Server 2008 Common Files
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple
"{6049054B-DB11-48E1-A583-9A565D5C8856}_is1" = "FIFA 14"
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{76E62ACD-1536-4AC7-9A2E-B7DB4F2ACE5E}" = Windows Live Family Safety
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{91B33C97-280F-B76D-E27B-E712D7041B76}_is1" = Ashampoo Burning Studio 2014 v.12.0.5
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI - Polish
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{E800ADC4-F459-42F5-89A2-E754634B010A}" = Windows Live Writer Resources
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F05F9FC5-A369-4989-8923-33A191F08232}" = Fichiers support d'instal. Microsoft SQL Server 2008 (français)
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0FD00FD-CE66-474F-A116-72B4880E8B47}" = Microsoft SQL Server 2008 Database Engine Shared
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AIMP3" = AIMP3
"Anim-FX" = Anim-FX
"Any Video Converter_is1" = Any Video Converter 3.5.8
"Applian FLV Player2.0.24" = Applian FLV Player
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"bi_uninstaller" = Bundled software uninstaller
"Counter Strike 1.6 CS 1.6" = Counter Strike 1.6 CS 1.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"ipla" = ipla 2.7
"IVONA 2" = IVONA 2
"IVONA Reader" = IVONA Reader
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Łatka polonizacyjna GTA IV v0.99" = Łatka polonizacyjna GTA IV v0.99
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - FRA" = Microsoft Visual C++ 2008 Express SP1 - Français
"Mozilla Firefox 28.0 (x86 pl)" = Mozilla Firefox 28.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenFm" = OpenFm
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"screenSHU" = screenSHU - the fastest screen capture ever.
"SpeedFan" = SpeedFan (remove only)
"SpeedyDrive" = Speedy Drive (remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"XnView_is1" = XnView 1.99.6
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Mipony Download Manager Packages" = Mipony Download Manager Packages
"Mipony Download Manager Packages 3" = Mipony Download Manager Packages 3
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2014-03-26 04:06:25 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-26 05:10:03 | Computer Name = Adrian-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567,
 sygnatura czasowa: 0x4d672ee4  Nazwa modułu powodującego błąd: loader.dll, wersja:
 2.7.1.0, sygnatura czasowa: 0x5270f4d5  Kod wyjątku: 0xc0000005  Przesunięcie błędu:
 0x0000000000004f82  Identyfikator procesu powodującego błąd: 0x698  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cf48ca20dc9b60  Ścieżka aplikacji powodującej błąd:
 C:\Windows\Explorer.EXE  Ścieżka modułu powodującego błąd: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll
Identyfikator
 raportu: 69d44c60-b4c6-11e3-aa48-001d7d2187ae
 
Error - 2014-03-26 05:10:16 | Computer Name = Adrian-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.17567,
 sygnatura czasowa: 0x4d672ee4  Nazwa modułu powodującego błąd: loader.dll, wersja:
 2.7.1.0, sygnatura czasowa: 0x5270f4d5  Kod wyjątku: 0xc000041d  Przesunięcie błędu:
 0x0000000000004f82  Identyfikator procesu powodującego błąd: 0x698  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cf48ca20dc9b60  Ścieżka aplikacji powodującej błąd:
 C:\Windows\Explorer.EXE  Ścieżka modułu powodującego błąd: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll
Identyfikator
 raportu: 71c8bc80-b4c6-11e3-aa48-001d7d2187ae
 
Error - 2014-03-26 05:21:44 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-26 11:12:11 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-26 19:32:18 | Computer Name = Adrian-Komputer | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =
 
Error - 2014-03-27 05:10:32 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-28 04:00:25 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-28 04:28:21 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-28 06:01:15 | Computer Name = Adrian-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: League of Legends.exe, wersja: 4.4.0.1858,
 sygnatura czasowa: 0x53214f63  Nazwa modułu powodującego błąd: League of Legends.exe,
 wersja: 4.4.0.1858, sygnatura czasowa: 0x53214f63  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x003e871f  Identyfikator procesu powodującego błąd: 0x424  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cf4a6617af4db0  Ścieżka aplikacji powodującej błąd:
 D:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League
 of Legends.exe  Ścieżka modułu powodującego błąd: D:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League
 of Legends.exe  Identyfikator raportu: e5fe3770-b65f-11e3-b577-001d7d2187ae
 
[ System Events ]
Error - 2014-03-27 10:10:54 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
 
Error - 2014-03-27 10:10:58 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
 
Error - 2014-03-27 10:12:34 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
 
Error - 2014-03-27 10:12:38 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
 
Error - 2014-03-28 03:58:26 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfsync04.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 03:58:28 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfdrv01a.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 03:59:08 | Computer Name = Adrian-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   sfdrv01a  sfsync04
 
Error - 2014-03-28 04:26:19 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfsync04.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 04:26:21 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfdrv01a.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 04:26:50 | Computer Name = Adrian-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   sfdrv01a  sfsync04
 
 
< End of report >



 

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

eh. x: te 2 logi które wstawiłeś są identyczne bo są to pliki OTL.txt a ja potrzebuje Extras.txt. zobacz w folderze gdzie jest OTL czy nie ma pliku Extras.txt albo wyszukaj go poprzez szukajke w systemie

http://prntscr.com/34ti6h

<-- to masz wstawić na forum, 2 pliki textowe 

 

 

/edit

 

teraz dobrze wstawiłeś ;)

_____________________________________________________________________________________________

 

masz jakieś problemy z dyskiem? 

 

Error - 2014-03-27 10:10:58 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
 
Error - 2014-03-27 10:12:34 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
 
Error - 2014-03-27 10:12:38 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

 

pobierz 

crystalmark.info/software/CrystalDiskInfo/index-e.html 

 i 

www.hdtune.com/download.html 

. W crystal disk info robisz tylko ss'a i wstawiasz na forum, w HDtune robisz ss'a i przechodzisz w zakładkę Error Scan i pełne skanowanie! (odznacz quick scan) 

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

 

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-29 14:44:46
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000063 ST325031 rev.3.AA 232,88GB
Running: gmer.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\awrdypog.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload                                                                                                                          fffff88006c28d64 12 bytes {MOV RAX, 0xfffffa80030ed2a0; JMP RAX}

---- User code sections - GMER 2.1 ----

.text   C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe[1572] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                 00000000758887b1 4 bytes [C2, 04, 00, 00]
?       C:\Windows\system32\mssprxy.dll [4988] entry point in ".rdata" section                                                                                                     0000000073ec71e6
.text   D:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League of Legends.exe[2688] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter  00000000758887b1 5 bytes [33, C0, C2, 04, 00]

---- Kernel IAT/EAT - GMER 2.1 ----

IAT     C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort]                                                                                             [fffff88001082f1c] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT     C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar]                                                                                                    [fffff88001082cc0] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT     C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar]                                                                                                   [fffff8800108369c] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT     C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong]                                                                                                   [fffff88001083a98] \SystemRoot\System32\Drivers\sptd.sys [.text]
IAT     C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort]                                                                                            [fffff880010838f4] \SystemRoot\System32\Drivers\sptd.sys [.text]

---- Devices - GMER 2.1 ----

Device  \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0                                                                                                                                fffffa80018842c0
Device  \Driver\atapi \Device\Ide\IdePort0                                                                                                                                         fffffa80018842c0
Device  \Driver\atapi \Device\Ide\IdePort1                                                                                                                                         fffffa80018842c0
Device  \Driver\altbw02j \Device\Scsi\altbw02j1Port3Path0Target0Lun0                                                                                                               fffffa8002b1f2c0
Device  \Driver\altbw02j \Device\Scsi\altbw02j1                                                                                                                                    fffffa8002b1f2c0
Device  \FileSystem\Ntfs \Ntfs                                                                                                                                                     fffffa800188a2c0
Device  \Driver\usbehci \Device\USBPDO-1                                                                                                                                           fffffa800311e2c0
Device  \Driver\nvstor \Device\RaidPort0                                                                                                                                           fffffa80018862c0
Device  \Driver\cdrom \Device\CdRom0                                                                                                                                               fffffa8002bbf2c0
Device  \Driver\cdrom \Device\CdRom1                                                                                                                                               fffffa8002bbf2c0
Device  \Driver\cdrom \Device\CdRom2                                                                                                                                               fffffa8002bbf2c0
Device  \Driver\cdrom \Device\CdRom3                                                                                                                                               fffffa8002bbf2c0
Device  \Driver\usbohci \Device\USBFDO-0                                                                                                                                           fffffa80031102c0
Device  \Driver\dtsoftbus01 \Device\DTSoftBusCtl                                                                                                                                   fffffa800256c2c0
Device  \Driver\NetBT \Device\NetBT_Tcpip_{20759542-2AB4-44B2-9728-D70C6A02BFD5}                                                                                                   fffffa8002bba2c0
Device  \Driver\dtsoftbus01 \Device\00000066                                                                                                                                       fffffa800256c2c0
Device  \Driver\usbehci \Device\USBFDO-1                                                                                                                                           fffffa800311e2c0
Device  \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                                                    fffffa8002bba2c0
Device  \Driver\dtsoftbus01 \Device\00000067                                                                                                                                       fffffa800256c2c0
Device  \Driver\nvstor \Device\00000063                                                                                                                                            fffffa80018862c0
Device  \Driver\atapi \Device\ScsiPort0                                                                                                                                            fffffa80018842c0
Device  \Driver\usbohci \Device\USBPDO-0                                                                                                                                           fffffa80031102c0
Device  \Driver\atapi \Device\ScsiPort1                                                                                                                                            fffffa80018842c0
Device  \Driver\nvstor \Device\ScsiPort2                                                                                                                                           fffffa80018862c0
Device  \Driver\altbw02j \Device\ScsiPort3                                                                                                                                         fffffa8002b1f2c0

---- Trace I/O - GMER 2.1 ----

Trace   ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80018862c0]<< sptd.sys storport.sys hal.dll nvstor.sys                                                      fffffa80018862c0
Trace   1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80024e5060]                                                                                                            fffffa80024e5060
Trace   3 CLASSPNP.SYS[fffff88001aac43f] -> nt!IofCallDriver -> [0xfffffa80018d3040]                                                                                               fffffa80018d3040
Trace   5 ACPI.sys[fffff88000f537a1] -> nt!IofCallDriver -> \Device\00000063[0xfffffa80022b19c0]                                                                                   fffffa80022b19c0
Trace   \Driver\nvstor[0xfffffa800229c550] -> IRP_MJ_CREATE -> 0xfffffa80018862c0                                                                                                  fffffa80018862c0

---- Modules - GMER 2.1 ----

Module  \SystemRoot\System32\Drivers\altbw02j.SYS                                                                                                                                  fffff88007154000-fffff880071a5000 (331776 bytes)

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [940:2356]                                                                                                                                 000007fef5bd6b8c
Thread  C:\Windows\System32\svchost.exe [940:4676]                                                                                                                                 000007fef5bd1d88
Thread  C:\Windows\System32\svchost.exe [1020:3100]                                                                                                                                000007fef3ac20c0
Thread  C:\Windows\System32\svchost.exe [1020:3128]                                                                                                                                000007fef3ac26a8
Thread  C:\Windows\System32\svchost.exe [1020:3140]                                                                                                                                000007fef3ac29dc
Thread  C:\Windows\System32\svchost.exe [1020:3204]                                                                                                                                000007fef3ac29dc
Thread  C:\Windows\system32\svchost.exe [348:3572]                                                                                                                                 000007fef9295124
Thread  C:\Windows\system32\svchost.exe [348:4708]                                                                                                                                 000007fef018506c
Thread  C:\Windows\system32\svchost.exe [348:3012]                                                                                                                                 000007fefbae1ab0
Thread  C:\Windows\system32\svchost.exe [1048:3736]                                                                                                                                000007fef299d3c8
Thread  C:\Windows\system32\svchost.exe [1048:3740]                                                                                                                                000007fef299d3c8
Thread  C:\Windows\system32\svchost.exe [1048:3744]                                                                                                                                000007fef299d3c8
Thread  C:\Windows\system32\svchost.exe [1048:3748]                                                                                                                                000007fef299d3c8
Thread  C:\Windows\system32\svchost.exe [1132:1176]                                                                                                                                000007fefb11341c
Thread  C:\Windows\system32\svchost.exe [1132:1188]                                                                                                                                000007fefb113a2c
Thread  C:\Windows\system32\svchost.exe [1132:1192]                                                                                                                                000007fefb115c20
Thread  C:\Windows\system32\svchost.exe [1132:1196]                                                                                                                                000007fefb113768
Thread  C:\Windows\system32\svchost.exe [1132:1368]                                                                                                                                000007fefb113900
Thread  C:\Windows\system32\svchost.exe [1132:2024]                                                                                                                                000007fef950bd88
Thread  C:\Windows\system32\svchost.exe [1132:3528]                                                                                                                                000007fef3cb5170
Thread  C:\Windows\system32\svchost.exe [1132:3564]                                                                                                                                000007fef9295124
Thread  C:\Windows\system32\svchost.exe [1132:3904]                                                                                                                                000007fefa0b5230
Thread  C:\Windows\System32\spoolsv.exe [1392:1344]                                                                                                                                000007fef7f610c8
Thread  C:\Windows\System32\spoolsv.exe [1392:1536]                                                                                                                                000007fef7d16144
Thread  C:\Windows\System32\spoolsv.exe [1392:352]                                                                                                                                 000007fef9c35fd0
Thread  C:\Windows\System32\spoolsv.exe [1392:388]                                                                                                                                 000007fef7c83438
Thread  C:\Windows\System32\spoolsv.exe [1392:1764]                                                                                                                                000007fef9c363ec
Thread  C:\Windows\System32\spoolsv.exe [1392:1828]                                                                                                                                000007fef9155e5c
Thread  C:\Windows\System32\spoolsv.exe [1392:1912]                                                                                                                                000007fef9185074
Thread  C:\Windows\system32\svchost.exe [1620:1924]                                                                                                                                000007fef9c35fd0
Thread  C:\Windows\system32\svchost.exe [1620:1940]                                                                                                                                000007fef9c363ec
Thread  C:\Windows\system32\svchost.exe [1620:3556]                                                                                                                                000007fef2958470
Thread  C:\Windows\system32\svchost.exe [1620:3560]                                                                                                                                000007fef2962418
Thread  C:\Windows\system32\svchost.exe [1620:4012]                                                                                                                                000007fef203f130
Thread  C:\Windows\system32\svchost.exe [1620:3300]                                                                                                                                000007fef2034734
Thread  C:\Windows\system32\svchost.exe [1620:4280]                                                                                                                                000007fef2034734
Thread  C:\Windows\system32\svchost.exe [1620:4404]                                                                                                                                000007fef01b5ec0
Thread  C:\Windows\system32\taskhost.exe [1788:1936]                                                                                                                               000007fef9591f38
Thread  C:\Windows\system32\taskhost.exe [1788:2224]                                                                                                                               000007fefaa71010
Thread  C:\Windows\Explorer.EXE [1976:2060]                                                                                                                                        000000005c158e00
Thread  C:\Windows\Explorer.EXE [1976:2612]                                                                                                                                        000007fef5fd2154
Thread  C:\Windows\Explorer.EXE [1976:2448]                                                                                                                                        000007fefbe16204
Thread  C:\Windows\Explorer.EXE [1976:252]                                                                                                                                         000007fef44a2118
Thread  C:\Windows\system32\taskhost.exe [3344:3372]                                                                                                                               000007fef438ef24
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [3448:3780]                                                                                                             000007fefc072a7c
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [3448:3816]                                                                                                             000007fef0c1d618
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [3448:3540]                                                                                                             000007fef9295124
Thread  C:\Windows\System32\svchost.exe [4484:4224]                                                                                                                                000007feefde9688

---- EOF - GMER 2.1 ----

 

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

OTL

 

OTL logfile created on: 2014-03-29 00:29:19 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 24,30% Memory free
4,00 Gb Paging File | 2,15 Gb Available in Paging File | 53,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,11 Gb Total Space | 46,30 Gb Free Space | 47,19% Space Free | Partition Type: NTFS
Drive D: | 105,47 Gb Total Space | 56,51 Gb Free Space | 53,58% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-03-29 00:04:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
PRC - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-03-20 23:10:29 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014-03-15 09:40:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-02-05 10:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-25 13:49:08 | 009,547,240 | ---- | M] (TeamSpeak Systems GmbH) -- D:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\SpeedyDrive\mounter.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-03-20 23:10:27 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014-03-15 09:40:38 | 003,642,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-12-25 13:49:06 | 000,237,032 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2013-12-25 13:49:06 | 000,230,376 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2013-12-25 13:49:05 | 000,555,496 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
MOD - [2012-07-30 15:13:00 | 000,195,584 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qjpeg4.dll
MOD - [2012-07-30 15:13:00 | 000,025,600 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qgif4.dll
MOD - [2011-03-04 11:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011-03-04 11:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011-03-04 11:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-02-05 10:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008-07-29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-03-20 23:10:29 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-03-15 09:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-01-07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-02-07 13:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SpeedyDrive\mounter.exe -- (DokanMounter)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013-12-27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-09-10 17:33:10 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013-03-29 16:21:35 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012-12-26 19:40:05 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-11-16 13:56:48 | 000,209,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012-09-12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-03-14 07:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012-03-14 07:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-11 21:52:00 | 000,120,408 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-07-01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010-07-01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006-08-11 14:50:02 | 000,078,208 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync04.sys -- (sfsync04)
DRV:64bit: - [2006-07-05 13:48:19 | 000,077,688 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a)
DRV:64bit: - [2006-06-14 18:14:39 | 000,100,712 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02)
DRV:64bit: - [2006-06-14 15:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2832599&SearchSource=2&CUI=UN27808372543842215&UM=1&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre1.7.0_07\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefoxradka\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefoxradka\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014-03-29 00:05:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-03-22 18:34:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-12-26 15:58:30 | 000,000,000 | ---D | M]
 
[2013-04-10 15:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Extensions
[2014-03-28 12:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions
[2014-03-24 22:07:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014-02-26 13:54:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2014-02-02 16:36:06 | 000,000,000 | ---D | M] ("Auto Refresh") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\autorefresh@plugin
[2014-03-28 12:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\staged
[2014-02-02 16:36:06 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\autorefresh@plugin.xpi
[2014-03-28 12:03:34 | 003,423,358 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\[email protected]
[2014-02-26 13:53:49 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-12-03 14:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=BCF8001D7D2187AE
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.delta-search.com/?babsrc=HP_ss&mntrId=BCF8001D7D2187AE&affID=119820&tsp=4939
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Value apps = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\
CHR - Extension: Google Wallet = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.7.0_07\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.7.0_07\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20759542-2AB4-44B2-9728-D70C6A02BFD5}: DhcpNameServer = 192.168.8.1 8.8.8.8
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-10-29 21:21:08 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-03-29 00:05:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2014-03-29 00:04:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-28 14:11:59 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Doctor Web
[2014-03-25 20:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2014-03-22 19:04:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014-03-22 19:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014-03-22 19:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014-03-22 19:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014-03-22 19:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014-03-22 19:00:07 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014-03-22 02:07:44 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\OBS
[2014-03-17 22:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2014-03-14 21:45:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014-03-14 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
[2014-03-14 21:41:49 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\FIFA 14
[2014-03-14 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Setup Integrity Check
[2014-03-11 19:26:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\uTorrent
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Euro Truck Simulator 2
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2014-03-08 02:49:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\Ubisoft
[2014-03-08 02:17:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\InstallShield
[2014-03-05 19:29:34 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Rockstar Games
[2014-03-05 19:03:06 | 000,000,000 | RH-D | C] -- C:\Users\Adrian\AppData\Roaming\SecuROM
[2014-03-05 18:59:29 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Rockstar Games
[2014-03-04 18:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2014-03-04 15:31:16 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Desktop\igrzyska grafika
[2014-03-03 18:03:06 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:56 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 15:39:47 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA Corporation
[2014-03-03 15:35:58 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-03-03 15:35:57 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-03-03 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA
[2014-03-03 15:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014-03-03 15:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014-03-03 15:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014-03-03 15:33:48 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-03-03 15:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014-03-03 15:33:09 | 006,712,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014-03-03 15:33:09 | 003,498,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014-03-03 15:33:09 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014-03-03 15:33:09 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014-03-03 15:33:09 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014-03-03 15:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014-03-03 15:29:39 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014-03-03 15:29:39 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014-03-03 15:29:39 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014-03-03 15:29:38 | 018,257,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014-03-03 15:29:38 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014-03-03 15:29:35 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-03-03 15:29:34 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-03-03 15:29:34 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-03-03 15:29:34 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-03-03 15:29:34 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014-03-03 15:29:34 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014-03-03 15:29:34 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-03-03 15:29:34 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-03-03 15:29:34 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-03-03 15:29:34 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-03-03 15:29:33 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-03-03 15:29:33 | 014,669,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014-03-03 15:29:33 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-03-03 15:29:33 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-03-03 15:29:33 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-03-03 15:29:33 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-03-03 15:29:33 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014-03-03 15:29:33 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014-03-03 15:29:32 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-03-03 15:29:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-03-03 15:29:32 | 003,090,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014-03-03 15:29:32 | 002,713,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014-03-03 15:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014-03-03 15:25:21 | 000,000,000 | ---D | C] -- C:\NVIDIA
 
========== Files - Modified Within 30 Days ==========
 
[2014-03-29 00:17:00 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-03-29 00:17:00 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-03-29 00:09:44 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-03-29 00:09:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-03-29 00:09:35 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2014-03-29 00:07:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-03-29 00:04:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-28 23:46:02 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-03-28 19:16:18 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-28 19:16:18 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014-03-25 20:04:02 | 000,001,303 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-25 19:00:42 | 002,194,310 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-03-25 19:00:42 | 001,195,598 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-03-25 19:00:42 | 000,651,038 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-03-25 19:00:42 | 000,601,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-03-25 19:00:41 | 000,006,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-03-23 08:43:14 | 004,864,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-03-20 23:10:29 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-03-20 23:10:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-03-19 21:26:43 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-17 22:12:06 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[2014-03-14 21:41:54 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-13 17:51:01 | 000,000,889 | ---- | M] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | M] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | M] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-04 14:55:02 | 000,001,496 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2014-03-03 18:02:51 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 18:02:50 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:50 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-03-03 18:02:49 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
 
========== Files Created - No Company Name ==========
 
[2014-03-25 20:04:02 | 000,001,303 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-19 21:26:43 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-03-19 21:26:43 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-18 20:55:50 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-14 21:41:54 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-13 17:51:01 | 000,000,889 | ---- | C] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | C] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | C] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-03 15:29:34 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014-02-07 16:41:31 | 000,001,496 | ---- | C] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2013-12-15 20:30:54 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013-10-15 15:56:06 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-04-29 14:53:44 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013-01-13 21:57:28 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-01-13 21:57:25 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2013-01-12 23:30:07 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-12-27 19:00:55 | 000,006,612 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-11-19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012-11-19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 

Extras

 

OTL Extras logfile created on: 2014-03-29 00:40:43 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,35 Gb Available Physical Memory | 17,56% Memory free
4,00 Gb Paging File | 2,05 Gb Available in Paging File | 51,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,11 Gb Total Space | 46,30 Gb Free Space | 47,19% Space Free | Partition Type: NTFS
Drive D: | 105,47 Gb Total Space | 56,51 Gb Free Space | 53,58% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Radek\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Radek\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A47B8F-6503-4E75-8271-73B057001602}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0789166E-85CC-468A-B8A4-A2EB4275F920}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{096CAB90-9FEA-4F55-ABA9-A58A6811C759}" = lport=138 | protocol=17 | dir=in | app=system |
"{1066B08B-64EC-4E36-8270-82DE6BA52855}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CA18834-3DCC-486D-9AFE-9D1667659CD7}" = rport=445 | protocol=6 | dir=out | app=system |
"{1F6AE59C-B7DA-49AE-B384-74D1D9D5FE7E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{33B5B44E-FC3D-4916-BFF8-AE06D14C6006}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3ECD4925-FB8D-4D70-B3FB-7D6B8020C019}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{49630462-4E7F-4F3F-AED1-AB2F5C7903E8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5284568C-127D-4024-BC7B-7BE1A07F19FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5ACE7C69-F7BD-4954-8F70-2C56281DBF4E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5BE06247-18F8-4BAF-903E-0E191FFC3BFC}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{5E187198-51D6-4101-9A03-791A0CD12A1D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5EB73E9A-6630-44E6-8CDB-F1ADC3A48CEA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5F102960-7D04-45D1-9020-48E893D8C81F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7B6FA065-FCB5-402D-A8F5-BC7BE45B118C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7D433A43-4A9F-4539-9DC2-BBCE13A1597C}" = lport=137 | protocol=17 | dir=in | app=system |
"{864A4E42-ACFC-4E0D-BBE6-F3B283EF7EB8}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{90FC1ED5-2E1F-47DF-8B68-F16EA5EA37DA}" = rport=139 | protocol=6 | dir=out | app=system |
"{92E79F44-26DD-49E9-9B09-CBF03D9CC230}" = rport=137 | protocol=17 | dir=out | app=system |
"{B7943FB6-073F-4778-B5EC-258E9BA836E3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B84A383A-228D-4DEA-A42C-FC5654611620}" = rport=138 | protocol=17 | dir=out | app=system |
"{CA1A8830-DE76-4222-8BED-1130AA51B942}" = lport=139 | protocol=6 | dir=in | app=system |
"{CB589772-FD6C-46CC-8469-E91EEF645C59}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CBABC607-FE55-47BE-B387-AB3F98AC0B67}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE3AEDDF-303F-4930-8A7E-0D511335FA27}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E62F5D4F-E842-4E55-9EC0-DE5F2264290A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E8D7786D-95A3-4620-97CA-8314F42DE02A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E9AD6D62-5E15-4147-BBF0-8BE4880C6428}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F2DBF817-0A0A-4533-B380-87B0FDC506FD}" = lport=445 | protocol=6 | dir=in | app=system |
"{FAD95741-AEB2-4456-913E-2526FCFA1E1F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{081AE6A1-EE4A-49C3-AF61-456B296704FB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0E753D72-ABA8-48D6-B4F5-66101D08200B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0EB38C1D-6114-47A5-9480-FD9A758B1E93}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{0EB7C8C0-1FD7-4FD5-BBD4-72CD46B9E115}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{139398FD-9A75-4863-8622-2E589E1EF276}" = protocol=6 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{18180828-5D86-4881-B420-28F348DF1736}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{1AB7F3EC-4A58-4179-A706-4A3D80A55433}" = protocol=1 | dir=out | [email protected],-28544 |
"{1BFDA18F-51B3-48A1-8037-5EFB9D9354B0}" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{212342FF-4FE1-4494-AAFC-5ABB5EB10842}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2332BC28-89A0-426C-A7CA-ADE3B14170EC}" = dir=in | app=c:\users\adrian\appdata\local\microsoft\skydrive\skydrive.exe |
"{2854CD65-369E-4E8E-B59D-8950112DF5DE}" = protocol=6 | dir=in | app=d:\dreikon bs\metin2.bin |
"{2C08CBB0-9B27-42DB-8708-6C02C3B3940C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2E759A36-0E03-4367-B1E1-5DD1F13A1C4B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F497D7E-DC49-4744-AF0A-A5E5F283E7CF}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{32240F28-76E7-42B4-B675-E43A6957FF16}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{3386C18B-2CF7-4C02-9932-52F4761F1D47}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{360DA03C-CDBB-4268-9B08-E870A87CFDC2}" = protocol=58 | dir=in | [email protected],-28545 |
"{3A66B4A4-7628-44E8-A791-E15FF8742BB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3AB29EA3-3547-4F4D-8D68-9EDA0753208E}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{3ABEC727-6F64-45E9-BB07-2F0E57128E2F}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"{3F02E261-8DF9-4C65-B6CE-E211D8081D7B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3F1E8392-875B-435F-A77D-F9C75C561EB9}" = protocol=6 | dir=in | app=d:\kmr priv\dreikon.exe |
"{3FDD9A09-3BB7-4BF0-9D87-8CD6F7584505}" = protocol=6 | dir=in | app=c:\users\adrian\appdata\roaming\utorrent\utorrent.exe |
"{4367A649-6023-4198-ADE3-852AD3662BD8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{496CB7D8-5A07-481F-93EC-EFB78B76BC39}" = protocol=17 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
"{4CEF12E1-1B3B-4F5A-A13D-E79002067DA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D5B7522-478E-496B-9A48-09447C1BDFB4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{523E539D-5B7D-41AF-B668-0DF7C9A3ECFC}" = protocol=6 | dir=in | app=d:\games\fifa 14\game\fifa14.exe |
"{533EB30C-3649-40A5-8133-267F5EAB2A3E}" = protocol=6 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"{5415165E-D255-4B68-9BBC-100B95ED74C6}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"{5DEDA912-C6CF-419A-8FE7-E541431A698D}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"{62940A1D-1C49-41DC-9F90-420930146BD7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6631613A-F64F-40E4-B6C0-48534FA16413}" = protocol=17 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"{665F1CCC-B6B4-466D-89DD-91153DF616D5}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"{6B9BAB09-49C5-4932-AD7F-D748BDA2326F}" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{72246660-7F87-4F8B-8BF1-E00B26D8FFC1}" = protocol=17 | dir=in | app=d:\dreikon bs\metin2.bin |
"{723E109D-4551-4769-AE36-84B4FE6B5509}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7F062C4E-7ABB-4B1C-BBB0-8C76914388AC}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"{7FF98FF0-FFFA-4313-BDB8-C905CAEA6D7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{81935A97-FF0C-4585-B7E8-FC6762D513AD}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{83CB34B7-9677-4FF3-8765-48DB8D9B6774}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{86C2BCB8-11BD-4B15-88DE-C5FB5A9C540B}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"{88FC2BD4-DD59-431A-AB14-31106250D433}" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{8981295B-9183-4B94-86C0-1BC946927442}" = protocol=1 | dir=in | [email protected],-28543 |
"{89F571D6-5AC0-4BB8-9AAF-A564F256E867}" = protocol=17 | dir=in | app=c:\users\adrian\appdata\roaming\utorrent\utorrent.exe |
"{90359D46-AE16-4B72-84DF-2BA4490AE71E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{90FB5DA6-6951-4C2A-AE86-1143193FFF86}" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\rockstar games social club\rgsclauncher.exe |
"{91E92A2E-C219-47F1-B546-585C69A279BA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{928FF9A0-D729-4A8D-921C-A3166D9D464D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{95296C28-5EE4-43B6-B3BA-457C53672E98}" = protocol=17 | dir=in | app=c:\users\adrian\desktop\utorrent.exe |
"{958411AB-5981-470C-BBEC-DA1AA659B4D9}" = protocol=17 | dir=in | app=d:\kmr priv\dreikon.exe |
"{96E0ABD5-B02D-47EA-A8E6-7462E4CBD724}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A4EC53D6-6790-4888-B24F-BB821BFCF4BB}" = dir=in | app=c:\users\adrian\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{AF32B5AE-C464-4DB7-B367-86E21F4CCB44}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{B054C8B3-888D-4DD0-9481-CD3DF5CF882E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B305A452-7627-41D1-9B64-9C5F14ECCE9B}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{BBEBC49C-2831-40FF-B20C-66791421DEB5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4C27C6F-FB04-4A49-A01E-BA4733D33BCF}" = protocol=6 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
"{C60DE775-9B3E-4B97-B43E-BD9ABE355ED0}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\utorrent.exe |
"{C90C0006-2F8B-4249-A1A2-4E5374B1C13E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CBFF4F13-EC61-4711-89D8-450E8F76BD16}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{D04A256C-D04A-42B4-8153-FC8E9EDFC3E6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D09068EF-6985-41B7-B91F-5206FC72C5F5}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{D4D988AB-D2FC-4A78-8315-A8EA3B025772}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D754D9C0-4DE6-4694-8891-7929E4656D57}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{DA5B1304-FDF2-4B7C-99ED-32732C85F27B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DB086535-D999-468A-937F-9E266028640A}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{DC7A5B30-1E3B-431A-959C-E0A6D58F809E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{DE1223ED-6DE9-445A-90FA-7A5290238A21}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{DF1D4A07-FB4F-4B2D-A13E-C54AB66531F6}" = protocol=6 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{E010D3F8-D71A-4C2E-B376-9263D4509CB3}" = protocol=17 | dir=in | app=d:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{E038F26C-ECE0-468C-94F2-40532DE5C487}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E1A08201-80F9-431B-8698-12011856B01D}" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"{E4B74B97-CA8D-472A-B994-0FE34B6D99F4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E58FA32E-FF98-4997-9D70-948C4AEFAA14}" = protocol=6 | dir=out | app=system |
"{E8AE353E-D725-465D-A522-8F2CB8AE30B5}" = protocol=58 | dir=in | app=system |
"{E8D3BB2F-BFA5-4B58-B9FD-72F136347F00}" = protocol=58 | dir=out | [email protected],-503 |
"{E9508320-00D6-402C-A9D7-2E571DD0BBB3}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{F007EA88-3D72-4847-AECD-8BA24D841230}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{F088C314-2A2C-4723-8531-AB9010A1B9CF}" = protocol=17 | dir=in | app=d:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{F200155A-45DE-40F1-8831-6E1868D2795F}" = protocol=17 | dir=in | app=d:\games\fifa 14\game\fifa14.exe |
"{F63AE892-4F6C-482C-B91F-80AF0C4EB03D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{FD92C673-F18D-443F-8D84-50A93AD32260}" = protocol=58 | dir=out | [email protected],-28546 |
"TCP Query User{0DE052E4-D9A4-483F-B729-390090B8014C}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{1313F8E3-AE22-4743-895C-5EE1CFDF8723}D:\kmr priv\dreikon.exe" = protocol=6 | dir=in | app=d:\kmr priv\dreikon.exe |
"TCP Query User{19FCA63C-9719-4573-A620-CB843C899BA6}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"TCP Query User{1EFADEF6-5E64-46DE-B869-D6F979765657}D:\games\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\games\counter-strike\hl.exe |
"TCP Query User{2AD9F6FA-7854-497F-A5B5-DAE85453E3D0}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin" = protocol=6 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"TCP Query User{35207AA6-AB53-40A8-BF69-03F57A1A20D0}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{796A6153-029A-4CCB-97F4-F2876B5EC059}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{7A946398-EB93-4A1D-8BF9-43A9839B7158}C:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe" = protocol=6 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"TCP Query User{80553FBD-E7D6-405F-9B69-AA897B457212}D:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{8702DC22-78EB-4E90-88EC-08BCE17CEA65}C:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe |
"TCP Query User{99B01F3C-04CF-44F9-BD97-9C7C88EED4CC}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{B4040B54-0BD2-4FAB-9553-C7C069542B02}D:\dreikon bs\metin2.bin" = protocol=6 | dir=in | app=d:\dreikon bs\metin2.bin |
"TCP Query User{B49B3182-A5E6-412F-8D64-B454D6E32F21}D:\kmr priv\pandoramt2 (bez patchera).exe" = protocol=6 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
"TCP Query User{BE702BA9-EE87-4041-9648-E5F8F9922EBB}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{C37A606E-DEB8-4D4E-B540-DEDF14AFFA92}D:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{DCEB9779-63CF-45B2-9E4D-071A49515EB9}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{DF30E941-1996-4976-B2FE-0D57D7A595DE}D:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{E0541D3E-4340-43BE-8EBD-EFAF762D7AD8}D:\program files (x86)\gadu-gadu 10x\gg.exe" = protocol=6 | dir=in | app=d:\program files (x86)\gadu-gadu 10x\gg.exe |
"TCP Query User{F26FE599-F4A6-4A7F-A07C-93AA239D5691}D:\games\counter strike 1.6\hl.exe" = protocol=6 | dir=in | app=d:\games\counter strike 1.6\hl.exe |
"TCP Query User{F8B2B030-35FE-4419-8FCC-B94A5303D29A}D:\dreikon\dreikon\metin2.bin" = protocol=6 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"UDP Query User{0BC4D20B-44C7-4FD4-88A9-9981248644C0}D:\games\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\games\counter-strike\hl.exe |
"UDP Query User{12B891B8-0C1D-447F-B277-5620317C06AE}D:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{137884C4-8079-4442-8AF0-AA51422B9B26}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{2E219EFE-27CC-4F1D-862D-32267617D3C3}D:\dreikon bs\metin2.bin" = protocol=17 | dir=in | app=d:\dreikon bs\metin2.bin |
"UDP Query User{46AB8D12-3E7A-428C-BC26-967C626032E1}D:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{51456793-AFB6-4CFD-9B35-F760D52252B5}C:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe" = protocol=17 | dir=in | app=c:\users\adrian\desktop\teamspeak3-server_win32-3.0.10.3\teamspeak3-server_win32\ts3server_win32.exe |
"UDP Query User{635BE21D-1EBF-485D-8976-458D3B7BC95E}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"UDP Query User{669C6B99-4113-43D2-8F1A-661AFC4F0938}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\metin2client.bin |
"UDP Query User{6723ACD3-8A36-4EFF-B697-8C52F40A5B16}C:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe" = protocol=17 | dir=in | app=c:\users\adrian\desktop\ethana.eu - official client 02.01.2014\launcher.exe |
"UDP Query User{76ADC31E-3D72-4F01-BF5B-8C0177700927}D:\dreikon\dreikon\metin2.bin" = protocol=17 | dir=in | app=d:\dreikon\dreikon\metin2.bin |
"UDP Query User{76D971E7-C4CA-4F97-8049-FE4BD04148B7}D:\program files (x86)\gadu-gadu 10x\gg.exe" = protocol=17 | dir=in | app=d:\program files (x86)\gadu-gadu 10x\gg.exe |
"UDP Query User{881D214A-E365-401B-B736-5CDA6167800D}D:\games\counter strike 1.6\hl.exe" = protocol=17 | dir=in | app=d:\games\counter strike 1.6\hl.exe |
"UDP Query User{8DD193AF-BA77-458A-891B-8FE413D1D660}D:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=d:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{967D4291-E5F3-4F35-B230-2E379D67F969}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{A384278D-BCCE-4881-B0A5-8B61FD5822A6}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{B25B74F1-531A-4C60-8A68-7A6A0299B180}D:\kmr priv\dreikon.exe" = protocol=17 | dir=in | app=d:\kmr priv\dreikon.exe |
"UDP Query User{C69D5FEE-C0CA-4286-A3F2-3389C57DB15C}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{DDFD6692-674D-4327-A16C-C5FF067E1BBA}C:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\launch4j-tmp\minecraftzyczu.exe |
"UDP Query User{EB5ABFEC-D1FE-42C0-9760-1CE813920B44}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{F9E4DA17-063F-428C-AD58-CE07212F7B95}D:\kmr priv\pandoramt2 (bez patchera).exe" = protocol=17 | dir=in | app=d:\kmr priv\pandoramt2 (bez patchera).exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417007F0}" = Java 7 Update 7 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{40E81D3B-376B-40D2-BCB7-BE43D277F11F}" = Microsoft SQL Server 2008 Native Client
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4E99A992-BF07-48AE-B0C6-5500F54EA3DA}" = Enregistreur VSS Microsoft SQL Server
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{64A3A4F4-B792-11D6-A78A-00B0D0170100}" = Java SE Development Kit 7 Update 10 (64-bit)
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8629276E-DDE1-49AE-9329-699D253DA091}" = ESET NOD32 Antivirus
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0018-0415-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-1000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-1000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0415-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Polish) 2010
"{90140000-006E-0415-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{91140000-0018-0000-1000-0000000FF1CE}" = Microsoft Office PowerPoint 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045" = Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK
"{94C42BE9-B62A-3558-A793-AD49B354F7AA}" = Microsoft .NET Framework 4.5 PLK Language Pack
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AB085680-FE98-11E1-A232-F04DA23A5C58}" = MSVCRT Redists
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 334.89
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.13
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{BD422D00-5232-11E3-A6F3-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{C2B8CBDE-5232-11E3-B494-F04DA23A5C58}" = MSVCRT Redists
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EC042023-D225-3E2F-B60C-448F5F69B9FB}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - FRA
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"{FCE145AD-C3AD-34F3-9012-4CB5E1B2029E}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - fra
"8461-7759-5462-8226" = Vuze
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.67.1
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - FRA" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - Français
"Office14.POWERPOINTR" = Microsoft PowerPoint 2010 dla Użytkowników Domowych i Uczniów
"Opera 12.14.1738" = Opera 12.14
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Unlocker" = Unlocker 1.9.2
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"WinRAR archiver" = WinRAR 4.20 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1026DF85-1C0F-4839-888E-EB9D5B73CF46}" = Windows Live Writer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{23D448C7-7DC7-4C15-B47D-C99364501F07}" = Microsoft SQL Server 2008 Database Engine Services
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}" = Movie Maker
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{37FDD121-C443-4FD3-A213-2449B397C068}" = Windows Live Messenger
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{4401409D-25F1-4E85-8A3C-6BA6FFCFBFED}" = Microsoft SQL Server 2008 Browser
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4C3FF4F7-6033-3129-8D21-9FC8C8B82D65}" = Microsoft Visual C++ 2008 Express Edition with SP1 - FRA
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}" = SpPhones
"{4E55905B-849D-4633-9267-3EC77E24221A}" = Poczta usługi Windows Live
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{51DE0B73-7A33-41B8-9183-8321D40815E0}" = Microsoft SQL Server 2008 Common Files
"{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}" = Sp5
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Obsługa programów Apple
"{6049054B-DB11-48E1-A583-9A565D5C8856}_is1" = "FIFA 14"
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6C3959C6-943E-44B3-BAAD-570B04B134E5}" = SpCommon
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}" = Galeria fotografii
"{76E62ACD-1536-4AC7-9A2E-B7DB4F2ACE5E}" = Windows Live Family Safety
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{91B33C97-280F-B76D-E27B-E712D7041B76}_is1" = Ashampoo Burning Studio 2014 v.12.0.5
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}" = Podstawowe programy Windows Live
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA82E5EF-70C2-41CB-8432-309078304CBB}" = Photo Common
"{AC76BA86-7AD7-1045-7B44-AB0000000001}" = Adobe Reader XI - Polish
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E415C943-37E5-473F-8BAE-043C56734124}" = Sp5TTInt
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{E800ADC4-F459-42F5-89A2-E754634B010A}" = Windows Live Writer Resources
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F05F9FC5-A369-4989-8923-33A191F08232}" = Fichiers support d'instal. Microsoft SQL Server 2008 (français)
"{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0FD00FD-CE66-474F-A116-72B4880E8B47}" = Microsoft SQL Server 2008 Database Engine Shared
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}" = Sp5Intl
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AIMP3" = AIMP3
"Anim-FX" = Anim-FX
"Any Video Converter_is1" = Any Video Converter 3.5.8
"Applian FLV Player2.0.24" = Applian FLV Player
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"bi_uninstaller" = Bundled software uninstaller
"Counter Strike 1.6 CS 1.6" = Counter Strike 1.6 CS 1.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"Google Chrome" = Google Chrome
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"ipla" = ipla 2.7
"IVONA 2" = IVONA 2
"IVONA Reader" = IVONA Reader
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Łatka polonizacyjna GTA IV v0.99" = Łatka polonizacyjna GTA IV v0.99
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - FRA" = Microsoft Visual C++ 2008 Express SP1 - Français
"Mozilla Firefox 28.0 (x86 pl)" = Mozilla Firefox 28.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3.2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenFm" = OpenFm
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"screenSHU" = screenSHU - the fastest screen capture ever.
"SpeedFan" = SpeedFan (remove only)
"SpeedyDrive" = Speedy Drive (remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"XnView_is1" = XnView 1.99.6
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Mipony Download Manager Packages" = Mipony Download Manager Packages
"Mipony Download Manager Packages 3" = Mipony Download Manager Packages 3
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2014-03-26 05:21:44 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-26 11:12:11 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-26 19:32:18 | Computer Name = Adrian-Komputer | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =
 
Error - 2014-03-27 05:10:32 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-28 04:00:25 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-28 04:28:21 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-28 06:01:15 | Computer Name = Adrian-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: League of Legends.exe, wersja: 4.4.0.1858,
 sygnatura czasowa: 0x53214f63  Nazwa modułu powodującego błąd: League of Legends.exe,
 wersja: 4.4.0.1858, sygnatura czasowa: 0x53214f63  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x003e871f  Identyfikator procesu powodującego błąd: 0x424  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cf4a6617af4db0  Ścieżka aplikacji powodującej błąd:
 D:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League
 of Legends.exe  Ścieżka modułu powodującego błąd: D:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League
 of Legends.exe  Identyfikator raportu: e5fe3770-b65f-11e3-b577-001d7d2187ae
 
Error - 2014-03-28 11:22:03 | Computer Name = Adrian-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: League of Legends.exe, wersja: 4.4.0.1858,
 sygnatura czasowa: 0x53214f63  Nazwa modułu powodującego błąd: League of Legends.exe,
 wersja: 4.4.0.1858, sygnatura czasowa: 0x53214f63  Kod wyjątku: 0xc0000005  Przesunięcie
 błędu: 0x005787d0  Identyfikator procesu powodującego błąd: 0x1120  Godzina uruchomienia
 aplikacji powodującej błąd: 0x01cf4a98d7307fb0  Ścieżka aplikacji powodującej błąd:
 D:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League
 of Legends.exe  Ścieżka modułu powodującego błąd: D:\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.14\deploy\League
 of Legends.exe  Identyfikator raportu: b62e4080-b68c-11e3-b577-001d7d2187ae
 
Error - 2014-03-28 12:22:36 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
Error - 2014-03-28 19:11:23 | Computer Name = Adrian-Komputer | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 2014-03-28 04:26:21 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfdrv01a.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 04:26:50 | Computer Name = Adrian-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   sfdrv01a  sfsync04
 
Error - 2014-03-28 07:58:57 | Computer Name = Adrian-Komputer | Source = Disk | ID = 262151
Description = W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.
 
Error - 2014-03-28 12:20:37 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfsync04.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 12:20:39 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfdrv01a.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 12:21:08 | Computer Name = Adrian-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   sfdrv01a  sfsync04
 
Error - 2014-03-28 19:05:00 | Computer Name = Adrian-Komputer | Source = Service Control Manager | ID = 7034
Description = Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła
 pracę. Wystąpiło to razy: 1.
 
Error - 2014-03-28 19:09:24 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfsync04.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 19:09:26 | Computer Name = Adrian-Komputer | Source = Application Popup | ID = 875
Description = Sterownik sfdrv01a.sys został zablokowany dla ładowania.
 
Error - 2014-03-28 19:09:52 | Computer Name = Adrian-Komputer | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego:   sfdrv01a  sfsync04
 
 
< End of report >

 

Nezvik Mentor

Nezvik

Opublikowano
Mentor

Nezvik

Opublikowano

Wklejasz na dole w OTL w oknie "Własne opcje skanowania / skrypt" podany przeze mnie fix (wszystko w spoilerze. Następnie klikasz "Wykonaj skrypt" i czekasz aż się przetworzy. Po ponownym uruchomieniu komputera zostanie wygenerowany log. Wstaw go na forum.

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

Niestety nie wiem o co chodzi. Wszelkie logi są czyste, brak infekcji. Brak czegokolwiek. Niestety niechętnie, aczkolwiek muszę zaproponować format dysku. 

Jeszcze zapytam, od jakiego czasu występuje ten problem?

 

Pierwszy raz wystąpił jakoś 2/3 dni przed napisaniem tego tematu, nie pamiętam dokładnie.

 

 

ostatnia próba ;x pobierz to

http://jpshortstuff.247fixes.com/SystemLook.html
(jeśli masz system 32 bit to dla 32 bit itd)

i wklej w niego 

 

:filefind

altbw02j.SYS

 

Spróbuję.

 

edit

 

 

SystemLook 30.07.11 by jpshortstuff

Log created at 17:16 on 01/04/2014 by Adrian

Administrator - Elevation successful

 

========== filefind ==========

 

Searching for "altbw02j.SYS"

No files found.

 

-= EOF =-

 

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Czy są jeszcze jakieś inne programy typu bitguard na moim komputerze?

Nie moge ci tego powiedzieć bo źle zrobiłeś log otl. zapomniałeś ustawić żeby skanował rejestr  (bądź też nie wstawiłeś pliku Extras.txt)

 

ale na pierwszy rzut oka do wywalenia idzie

BitGuard.exe

hamachi (chyba że potrzebujesz)

[2014-03-26 20:28:49 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 - dziwne. przeskanuj ten plik na virustotal.com

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

Jak grałem w cod 4 single i multi i raz jak grałem w lola. Podczas gry spamowało i podczas gry ustało, nic nie robiłem, tzn. nie wyłączałem gry czy coś.

 

 

edit

 

Teraz mi się włączył raz jak byłem na przeglądarce i jak chciałem to dopisać to był spam.

Ventual Budowniczy

Ventual

Opublikowano
Budowniczy

Ventual

  • Autor
Opublikowano

 

OTL logfile created on: 2014-03-27 11:16:49 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 0,69 Gb Available Physical Memory | 34,29% Memory free
4,00 Gb Paging File | 1,78 Gb Available in Paging File | 44,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,11 Gb Total Space | 43,36 Gb Free Space | 44,19% Space Free | Partition Type: NTFS
Drive D: | 105,47 Gb Total Space | 36,67 Gb Free Space | 34,77% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-KOMPUTER | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014-03-27 11:16:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
PRC - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-03-20 23:10:29 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014-03-19 16:13:58 | 005,325,152 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\LoLLauncher.exe
PRC - [2014-03-15 09:40:20 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-02-05 10:32:47 | 002,234,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013-12-25 13:49:08 | 009,547,240 | ---- | M] (TeamSpeak Systems GmbH) -- D:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2013-11-18 15:32:40 | 003,780,064 | ---- | M] () -- C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
PRC - [2013-07-14 21:21:00 | 000,074,752 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe
PRC - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012-10-29 17:56:14 | 001,300,376 | ---- | M] () -- D:\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\SpeedyDrive\mounter.exe
PRC - [2010-03-06 03:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014-03-20 23:10:27 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014-03-19 16:14:00 | 000,265,056 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\RiotLauncher.dll
MOD - [2014-03-19 16:13:58 | 005,325,152 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.204\deploy\LoLLauncher.exe
MOD - [2014-03-15 09:40:38 | 003,642,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013-12-25 13:49:06 | 000,237,032 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
MOD - [2013-12-25 13:49:06 | 000,230,376 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
MOD - [2013-12-25 13:49:05 | 000,555,496 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
MOD - [2013-11-18 15:32:40 | 003,780,064 | ---- | M] () -- C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
MOD - [2013-11-18 15:31:07 | 003,618,304 | ---- | M] () -- c:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
MOD - [2013-07-14 21:21:00 | 000,074,752 | ---- | M] () -- D:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.77\deploy\LolClient.exe
MOD - [2012-10-29 17:56:14 | 001,300,376 | ---- | M] () -- D:\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2012-07-30 15:13:00 | 000,195,584 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qjpeg4.dll
MOD - [2012-07-30 15:13:00 | 000,025,600 | ---- | M] () -- D:\Program Files (x86)\TeamSpeak 3 Client\imageformats\_old_qgif4.dll
MOD - [2011-03-04 11:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011-03-04 11:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011-03-04 11:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014-02-05 10:32:24 | 016,941,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2012-11-16 14:24:44 | 000,913,184 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008-07-29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2014-03-24 19:43:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-03-20 23:10:29 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-03-15 09:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014-02-08 17:18:26 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-02-05 10:32:34 | 001,593,632 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-01-07 22:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-11-18 15:32:40 | 003,780,064 | ---- | M] () [Auto | Running] -- C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -- (BitGuard)
SRV - [2013-02-07 13:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-09-23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012-07-09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012-02-11 21:52:00 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SpeedyDrive\mounter.exe -- (DokanMounter)
SRV - [2010-02-19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013-12-27 19:42:26 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-09-10 17:33:10 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013-03-29 16:21:35 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012-12-26 19:40:05 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-11-16 13:56:48 | 000,209,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012-09-12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012-03-14 07:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012-03-14 07:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-11 21:52:00 | 000,120,408 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-07-01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010-07-01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006-08-11 14:50:02 | 000,078,208 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync04.sys -- (sfsync04)
DRV:64bit: - [2006-07-05 13:48:19 | 000,077,688 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a)
DRV:64bit: - [2006-06-14 18:14:39 | 000,100,712 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02)
DRV:64bit: - [2006-06-14 15:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=BCF8001D7D2187AE&affID=119820&tsp=4939
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=BCF8001D7D2187AE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "www.google.pl"
FF - prefs.js..extensions.enabledAddons: autorefresh%40plugin:1.0.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2832599&SearchSource=2&CUI=UN27808372543842215&UM=1&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre1.7.0_07\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefoxradka\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefoxradka\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-11-11 10:36:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014-03-22 18:34:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-12-26 15:58:30 | 000,000,000 | ---D | M]
 
[2013-04-10 15:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Extensions
[2014-03-25 21:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions
[2014-03-24 22:07:25 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014-02-26 13:54:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2014-02-02 16:36:06 | 000,000,000 | ---D | M] ("Auto Refresh") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\autorefresh@plugin
[2014-03-25 21:20:37 | 000,000,000 | ---D | M] ("MEGA") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\[email protected]
[2014-03-25 21:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\rr8doj0o.default\Extensions\staged
[2014-02-02 16:36:06 | 000,036,763 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\autorefresh@plugin.xpi
[2014-03-25 21:20:29 | 002,945,525 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\[email protected]
[2014-02-26 13:53:49 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\rr8doj0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013-12-03 14:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014-03-19 21:26:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009-10-14 18:36:14 | 000,027,648 | ---- | M] (Ivo Software Sp. z o.O.) -- C:\Program Files (x86)\mozilla firefox\components\IvonaFirefoxToolbar.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=190313_wo1&babsrc=SP_ss&mntrId=BCF8001D7D2187AE
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.delta-search.com/?babsrc=HP_ss&mntrId=BCF8001D7D2187AE&affID=119820&tsp=4939
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Adrian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Dokumenty Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: 22find = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda\2.0.1_0\
CHR - Extension: Value apps = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\
CHR - Extension: Google Wallet = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.7.0_07\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.O.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.7.0_07\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.O.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Value Apps plugin) - {F63AAEDC-3602-49EF-AA45-262380A98980} - C:\Users\Adrian\AppData\Roaming\ValueApps\IE\MonPrx.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2_x64.dll (IVO Software Sp. z o.O.)
O3 - HKLM\..\Toolbar: (IVONA Reader) - {8664889D-ED18-4713-918F-E2BB69D8452B} - D:\Program Files (x86)\IVONA\IVONA Reader\integr\IR_iexplorer2.dll (IVO Software Sp. z o.O.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [shadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20759542-2AB4-44B2-9728-D70C6A02BFD5}: DhcpNameServer = 192.168.8.1 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll) - c:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll ()
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll) - c:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-10-29 21:21:08 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014-03-27 11:16:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-25 20:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2014-03-22 19:04:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014-03-22 19:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2014-03-22 19:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014-03-22 19:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014-03-22 19:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014-03-22 19:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014-03-22 19:00:07 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014-03-22 02:07:44 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\OBS
[2014-03-17 22:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2014-03-14 21:45:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014-03-14 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
[2014-03-14 21:41:49 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\FIFA 14
[2014-03-14 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Setup Integrity Check
[2014-03-11 19:26:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\uTorrent
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Euro Truck Simulator 2
[2014-03-10 19:09:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2014-03-08 02:49:31 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\Ubisoft
[2014-03-08 02:17:13 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Roaming\InstallShield
[2014-03-05 19:29:34 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Documents\Rockstar Games
[2014-03-05 19:03:06 | 000,000,000 | RH-D | C] -- C:\Users\Adrian\AppData\Roaming\SecuROM
[2014-03-05 18:59:29 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\Rockstar Games
[2014-03-04 18:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2014-03-04 15:31:16 | 000,000,000 | ---D | C] -- C:\Users\Adrian\Desktop\igrzyska grafika
[2014-03-03 18:03:06 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:56 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 15:39:47 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA Corporation
[2014-03-03 15:35:58 | 001,179,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-03-03 15:35:57 | 001,048,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-03-03 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Adrian\AppData\Local\NVIDIA
[2014-03-03 15:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014-03-03 15:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014-03-03 15:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014-03-03 15:33:48 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-03-03 15:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014-03-03 15:33:09 | 006,712,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014-03-03 15:33:09 | 003,498,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014-03-03 15:33:09 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014-03-03 15:33:09 | 000,386,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014-03-03 15:33:09 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014-03-03 15:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014-03-03 15:29:39 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014-03-03 15:29:39 | 000,035,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014-03-03 15:29:39 | 000,033,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014-03-03 15:29:38 | 018,257,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014-03-03 15:29:38 | 015,740,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014-03-03 15:29:35 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-03-03 15:29:34 | 031,432,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-03-03 15:29:34 | 023,683,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-03-03 15:29:34 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-03-03 15:29:34 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433489.dll
[2014-03-03 15:29:34 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433489.dll
[2014-03-03 15:29:34 | 000,892,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-03-03 15:29:34 | 000,875,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-03-03 15:29:34 | 000,863,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-03-03 15:29:34 | 000,844,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-03-03 15:29:33 | 017,715,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-03-03 15:29:33 | 014,669,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014-03-03 15:29:33 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-03-03 15:29:33 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-03-03 15:29:33 | 003,142,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-03-03 15:29:33 | 002,956,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-03-03 15:29:33 | 002,782,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014-03-03 15:29:33 | 002,410,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014-03-03 15:29:32 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-03-03 15:29:32 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-03-03 15:29:32 | 003,090,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014-03-03 15:29:32 | 002,713,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014-03-03 15:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014-03-03 15:25:21 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014-03-01 21:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014-03-27 11:18:02 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-204788556-4053771484-397145501-1001UA.job
[2014-03-27 11:18:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-204788556-4053771484-397145501-1001Core.job
[2014-03-27 11:16:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Desktop\OTL.exe
[2014-03-27 11:07:03 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-03-27 10:54:01 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\FoxTab.job
[2014-03-27 10:46:33 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-03-27 10:16:16 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-03-27 10:16:16 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-03-27 10:08:55 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-03-27 10:08:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-03-27 10:08:45 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2014-03-26 20:28:49 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-26 20:28:49 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014-03-25 20:04:02 | 000,001,303 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-25 19:00:42 | 002,194,310 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2014-03-25 19:00:42 | 001,195,598 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-03-25 19:00:42 | 000,651,038 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2014-03-25 19:00:42 | 000,601,284 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-03-25 19:00:41 | 000,006,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-03-24 19:43:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-03-23 08:43:14 | 004,864,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-03-22 19:13:45 | 000,015,360 | ---- | M] () -- C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014-03-22 17:21:10 | 017,341,091 | ---- | M] () -- C:\Users\Adrian\Desktop\Podkład.mp3
[2014-03-20 23:10:29 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-03-20 23:10:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-03-19 21:26:43 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-17 22:12:06 | 000,000,331 | ---- | M] () -- C:\Windows\game.ini
[2014-03-14 21:41:54 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-14 14:51:33 | 000,014,032 | ---- | M] () -- C:\Users\Adrian\Desktop\1924576_633164986732504_88733881_n.jpg
[2014-03-13 17:58:42 | 000,068,340 | ---- | M] () -- C:\Users\Adrian\Desktop\FC-Barcelona-Logo-Wallpaper-fc-barcelona-22614314-500-400.jpg
[2014-03-13 17:51:01 | 000,000,889 | ---- | M] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | M] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | M] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-04 18:14:29 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014-03-04 14:55:02 | 000,001,496 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2014-03-03 18:02:51 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014-03-03 18:02:50 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014-03-03 18:02:50 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014-03-03 18:02:49 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014-02-26 21:23:24 | 000,018,123 | ---- | M] () -- C:\Users\Adrian\Desktop\Wszystko i nic.jnt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014-03-25 20:04:02 | 000,001,303 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
[2014-03-22 17:21:03 | 017,341,091 | ---- | C] () -- C:\Users\Adrian\Desktop\Podkład.mp3
[2014-03-19 21:26:43 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014-03-19 21:26:43 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014-03-18 20:55:50 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Wielu graczy.lnk
[2014-03-17 22:12:48 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty® 4 - Modern Warfare Jeden gracz.lnk
[2014-03-14 21:41:54 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 14.lnk
[2014-03-14 14:51:31 | 000,014,032 | ---- | C] () -- C:\Users\Adrian\Desktop\1924576_633164986732504_88733881_n.jpg
[2014-03-13 17:58:41 | 000,068,340 | ---- | C] () -- C:\Users\Adrian\Desktop\FC-Barcelona-Logo-Wallpaper-fc-barcelona-22614314-500-400.jpg
[2014-03-13 17:51:01 | 000,000,889 | ---- | C] () -- C:\Users\Adrian\.recently-used.xbel
[2014-03-11 20:39:20 | 000,000,856 | ---- | C] () -- C:\Users\Adrian\Desktop\samp.exe.lnk
[2014-03-11 20:23:35 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2014-03-11 19:29:05 | 000,000,859 | ---- | C] () -- C:\Users\Adrian\Desktop\µTorrent.lnk
[2014-03-10 19:09:31 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2014-03-05 18:52:15 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2014-03-05 18:29:53 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2014-03-04 18:14:29 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2014-03-03 15:29:34 | 000,024,544 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014-02-07 16:41:31 | 000,001,496 | ---- | C] () -- C:\Users\Adrian\AppData\Local\Adobe Zapisz dla Internetu 12.0 Prefs
[2013-12-15 20:30:54 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013-10-15 15:56:06 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013-04-29 14:53:44 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013-02-15 17:47:13 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\H@tKeysH@@k.DLL
[2013-01-13 21:57:28 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-01-13 21:57:25 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2013-01-12 23:30:07 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-12-27 19:55:53 | 000,015,360 | ---- | C] () -- C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-12-27 19:00:55 | 000,006,612 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-11-19 08:33:32 | 000,065,656 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012-11-19 08:33:30 | 000,022,640 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2002-08-08 00:13:02 | 000,319,488 | R--- | C] () -- C:\Users\Adrian\AppData\Roaming\MafiaSetup.exe
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 

Janusz. Legenda

Janusz.

Opublikowano
Legenda

Janusz.

Opublikowano

Nie, to nie wina dysku. chciałem tylko sprawdzić czy jest uszkodzony. wypadało by wymienić dysk bo 20tyś godzin przepracowanych to dość sporo. jeśli chcesz jeszcze pociągnąć na tym dysku to pobierz Dr web cure it pełne skanowanie. jak coś znajdzie to zrób ss'a i wstaw go tutaj.

Zarchiwizowany

Ten temat przebywa obecnie w archiwum. Dodawanie nowych odpowiedzi zostało zablokowane.

Pytania
×
×
  • Dodaj nową pozycję...