Skocz do zawartości

  • 👋 Witaj na MPCForum!

    Przeglądasz forum jako gość, co oznacza, że wiele świetnych funkcji jest jeszcze przed Tobą! 😎

    • Pełny dostęp do działów i ukrytych treści
    • Możliwość pisania i odpowiadania w tematach
    • System prywatnych wiadomości
    • Zbieranie reputacji i rozwijanie swojego profilu
    • Członkostwo w jednej z największych społeczności graczy

    👉 Dołączenie zajmie Ci mniej niż minutę – a zyskasz znacznie więcej!

    Zarejestruj się teraz

[P]Wirus rozsyłający SPAM

HELGHAST997

Przez HELGHAST997
w Elektronika - Sprzęt

Rekomendowane odpowiedzi

HELGHAST997 Budowniczy

HELGHAST997

Opublikowano
Budowniczy

HELGHAST997

Opublikowano

Witam.

Mam problem odnośnie wirusa rozsyłającego SPAM.

Na pocztę przychodzi mi dużo wiadomości do folderu SPAM.

Dodatkowo na drugim kompie blokuje połączenie internetowe/traci pakiety.

Nie wiem czy to jest powiązane ze sobą, więc proszę o pomoc.

HELGHAST997 Budowniczy

HELGHAST997

Opublikowano
Budowniczy

HELGHAST997

  • Autor
Opublikowano

Drugi komputer sprawdzony nic nie ma na nim.

Zaraz dodam loga z OTL i HiJackThis - loga z mojego kompa

OTL:

OTL logfile created on: 2012-05-04 16:44:02 - Run 1
OTL by OldTimer - Version 3.2.42.2	 Folder = D:\Ściągane_rzeczy
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 63,96% Memory free
6,50 Gb Paging File | 4,72 Gb Available in Paging File | 72,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,90 Gb Total Space | 3,46 Gb Free Space | 8,67% Space Free | Partition Type: NTFS
Drive D: | 250,00 Gb Total Space | 47,80 Gb Free Space | 19,12% Space Free | Partition Type: NTFS
Drive E: | 250,00 Gb Total Space | 225,92 Gb Free Space | 90,37% Space Free | Partition Type: NTFS
Drive F: | 391,51 Gb Total Space | 215,90 Gb Free Space | 55,14% Space Free | Partition Type: NTFS
Drive I: | 824,05 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HELGHAST | User Name: Oskar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-05-04 16:42:51 | 000,595,456 | ---- | M] (OldTimer Tools) -- D:\Ściągane_rzeczy\OTL.exe
PRC - [2012-04-28 18:25:27 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-03-29 09:34:42 | 003,402,376 | ---- | M] (Electronic Arts) -- F:\Gry\The Sims 3\Origin\Origin.exe
PRC - [2012-02-29 22:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012-02-29 22:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012-02-29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-11-27 01:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- D:\Programsy\Soniaczek\PMBVolumeWatcher.exe
PRC - [2010-11-27 01:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- D:\Programsy\Soniaczek\PMBDeviceInfoProvider.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-05-24 11:10:34 | 001,683,360 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2010-02-03 17:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010-01-21 02:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010-01-21 02:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009-02-26 19:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- D:\Programsy\MicrosoftOffice\Office12\GrooveMonitor.exe
PRC - [2009-02-06 15:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009-02-06 15:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-29 08:51:42 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012-04-28 18:25:26 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-03-29 09:34:08 | 018,604,544 | ---- | M] () -- F:\Gry\The Sims 3\Origin\QtWebKit4.dll
MOD - [2012-03-29 09:34:06 | 009,440,256 | ---- | M] () -- F:\Gry\The Sims 3\Origin\QtGui4.dll
MOD - [2012-03-29 09:34:06 | 003,564,544 | ---- | M] () -- F:\Gry\The Sims 3\Origin\QtXmlPatterns4.dll
MOD - [2012-03-29 09:34:06 | 001,152,512 | ---- | M] () -- F:\Gry\The Sims 3\Origin\QtNetwork4.dll
MOD - [2012-03-29 09:34:06 | 000,413,184 | ---- | M] () -- F:\Gry\The Sims 3\Origin\QtXml4.dll
MOD - [2012-03-29 09:34:04 | 002,694,144 | ---- | M] () -- F:\Gry\The Sims 3\Origin\QtCore4.dll
MOD - [2012-03-29 09:34:02 | 000,312,320 | ---- | M] () -- F:\Gry\The Sims 3\Origin\imageformats\qtiff4.dll
MOD - [2012-03-29 09:34:00 | 000,264,192 | ---- | M] () -- F:\Gry\The Sims 3\Origin\imageformats\qmng4.dll
MOD - [2012-03-29 09:34:00 | 000,211,456 | ---- | M] () -- F:\Gry\The Sims 3\Origin\imageformats\qjpeg4.dll
MOD - [2012-03-29 09:34:00 | 000,032,256 | ---- | M] () -- F:\Gry\The Sims 3\Origin\imageformats\qico4.dll
MOD - [2012-03-29 09:34:00 | 000,028,672 | ---- | M] () -- F:\Gry\The Sims 3\Origin\imageformats\qgif4.dll
MOD - [2012-02-29 14:26:28 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010-05-24 11:10:38 | 000,098,720 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
MOD - [2010-05-24 11:10:32 | 064,661,408 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
MOD - [2010-05-24 11:10:30 | 000,078,240 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2010-05-24 11:10:28 | 000,111,008 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2009-09-30 05:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\System32\AsIO.dll
MOD - [2009-03-19 23:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009-03-19 23:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009-01-15 15:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007-09-20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-29 09:34:19 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-04-28 18:25:26 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-03-01 01:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-29 14:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-01-19 13:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012-01-06 23:18:18 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-12-12 22:35:08 | 000,751,464 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011-01-22 10:18:37 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-12-28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010-11-27 01:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- D:\Programsy\Soniaczek\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010-01-21 02:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010-01-21 02:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2009-08-10 01:10:50 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\MPCAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-14 03:14:30 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\regedt32.exe -- (.EsetTrialReset)
SRV - [2009-02-26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Programsy\MicrosoftOffice\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2009-02-06 15:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009-02-06 15:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2007-05-31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva390.sys -- (XDva390)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva389.sys -- (XDva389)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva382.sys -- (XDva382)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva379.sys -- (XDva379)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\Garena Classic\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Oskar\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (ak1pey0s)
DRV - [2012-05-04 16:31:36 | 000,140,800 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2012-03-01 01:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012-01-17 14:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011-12-16 17:53:01 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2011-03-06 10:56:07 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011-01-22 20:35:13 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-08-12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010-05-15 13:11:42 | 001,150,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010-04-08 20:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009-11-19 15:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2009-11-19 15:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2009-11-19 15:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009-11-19 15:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2009-11-19 15:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2009-11-19 15:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009-11-19 15:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009-09-16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009-08-08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009-08-04 04:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009-07-16 05:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009-07-14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009-03-30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-02-06 15:24:26 | 000,092,800 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009-02-06 15:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009-02-06 15:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008-07-29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2801948
IE - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\..\SearchScopes\{0A25BF38-AA7E-4C77-9EDA-CDD0EA26D224}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PF&o=15180&src=kw&q={searchTerms}&locale=&apn_ptnrs=RX&apn_dtid=YYYYYYYYPL&apn_uid=f2d4d1aa-b559-4147-84ab-65b196d7055a&apn_sauid=4F59451E-4442-45AA-A1F2-25DE16204D1A&
IE - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
IE - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://www.GOGLE.PL"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.53.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0:  File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Oskar\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Oskar\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-28 18:25:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-12 13:57:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-28 18:25:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-12 13:57:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-02-23 09:12:57 | 000,000,000 | ---D | M]

[2011-01-21 20:05:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oskar\AppData\Roaming\mozilla\Extensions
[2012-05-02 08:54:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oskar\AppData\Roaming\mozilla\Firefox\Profiles\b8s7cayv.default\extensions
[2012-03-01 18:42:13 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Oskar\AppData\Roaming\mozilla\Firefox\Profiles\b8s7cayv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012-04-21 08:49:05 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\Oskar\AppData\Roaming\mozilla\Firefox\Profiles\b8s7cayv.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
[2011-12-05 16:54:27 | 000,000,000 | ---D | M] (Vividas player plugin) -- C:\Users\Oskar\AppData\Roaming\mozilla\Firefox\Profiles\b8s7cayv.default\extensions\[email protected]
[2011-11-17 20:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\b8s7cayv.default\searchplugins\askcom.xml
[2010-12-30 18:20:12 | 000,000,915 | ---- | M] () -- C:\Users\Oskar\AppData\Roaming\Mozilla\Firefox\Profiles\b8s7cayv.default\searchplugins\conduit.xml
[2012-03-14 19:11:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\OSKAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B8S7CAYV.DEFAULT\EXTENSIONS\{888D99E7-E8B5-46A3-851E-1EC45DA1E644}.XPI
[2012-04-28 18:25:28 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010-08-24 11:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2012-02-27 19:06:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-09-16 12:57:06 | 000,189,088 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npVividasPlayer.dll
[2012-04-28 18:25:24 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-04-28 18:25:24 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-04-28 18:25:24 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-04-28 18:25:24 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-04-28 18:25:24 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-04-28 18:25:24 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Oskar\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Oskar\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Oskar\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Vividas Player Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npVividasPlayer.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Oskar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-02-03 18:08:39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	   localhost
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programsy\MicrosoftOffice\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\..\Toolbar\WebBrowser: (NCH EN Toolbar) - {37483B40-C254-4A72-BDA4-22EE90182C1E} - C:\Program Files\NCH_EN\prxtbNCH0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] D:\Programsy\MicrosoftOffice\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] D:\Programsy\Soniaczek\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKU\S-1-5-21-575125007-1644275302-1831280697-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-575125007-1644275302-1831280697-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-575125007-1644275302-1831280697-1000..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-575125007-1644275302-1831280697-1000..\Run: [sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-575125007-1644275302-1831280697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Programsy\MicrosoftOffice\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programsy\MicrosoftOffice\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programsy\MicrosoftOffice\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programsy\MicrosoftOffice\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/pl-pl/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A612FB99-F666-4795-8B10-21C8E5527C72}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF388CD2-FFF0-4EEC-BD85-BB7F03E3AB3C}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F313605B-173F-4D4A-B88C-F33F3EABA75B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF9752EC-654F-4C9A-9C0E-271A8D94E5CF}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programsy\MicrosoftOffice\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Programsy\MicrosoftOffice\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-10-04 03:27:16 | 000,000,000 | ---D | M] - I:\autorun -- [ CDFS ]
O32 - AutoRun File - [2010-09-20 09:59:24 | 000,000,062 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-29 08:51:42 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-28 18:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-04-28 18:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-04-22 11:08:35 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012-04-22 11:08:34 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012-04-21 19:32:10 | 000,000,000 | ---D | C] -- C:\Users\Oskar\AppData\Roaming\Audacity
[2012-04-17 21:09:50 | 000,000,000 | ---D | C] -- C:\Users\Oskar\Documents\numen
[2012-04-17 21:09:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akella Games
[2012-04-12 17:39:50 | 000,000,000 | ---D | C] -- C:\Users\Oskar\Documents\Almost Human
[2012-04-12 17:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[2012-04-12 14:42:27 | 000,000,000 | ---D | C] -- C:\Users\Oskar\AppData\Local\NCH_EN
[2012-04-11 15:36:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-04-11 15:36:03 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-04-11 15:36:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-04-11 15:36:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-04-11 15:36:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-04-11 15:36:01 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-04-08 20:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Techland
[2012-04-08 15:18:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GODS - Kraina Nieskończoności
[2012-04-08 13:39:45 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-04-08 13:39:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-04-08 13:39:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-04-08 13:38:23 | 000,000,000 | ---D | C] -- C:\Users\Oskar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012-04-08 13:29:57 | 000,000,000 | ---D | C] -- C:\Users\Oskar\AppData\Roaming\InstallShield
[2012-04-05 19:24:38 | 000,000,000 | ---D | C] -- C:\Users\Oskar\AppData\Roaming\wargaming.net
[2012-04-05 19:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Buka
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-05-04 16:48:53 | 006,815,744 | -HS- | M] () -- C:\Users\Oskar\ntuser.dat
[2012-05-04 16:34:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-05-04 16:31:36 | 000,140,800 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-05-04 16:31:26 | 000,283,304 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012-05-04 16:26:15 | 000,283,304 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012-05-04 16:20:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-05-04 16:01:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-575125007-1644275302-1831280697-1000UA.job
[2012-05-04 14:20:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-05-04 08:42:09 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-05-04 08:42:09 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-05-04 08:34:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-05-04 08:34:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-05-04 08:34:16 | 2616,635,392 | -HS- | M] () -- C:\hiberfil.sys
[2012-05-03 20:01:01 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-575125007-1644275302-1831280697-1000Core.job
[2012-05-03 17:56:49 | 004,006,120 | -H-- | M] () -- C:\Users\Oskar\AppData\Local\IconCache.db
[2012-05-03 14:16:54 | 001,849,282 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-05-03 14:16:54 | 000,803,902 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-05-03 14:16:54 | 000,718,110 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-05-03 14:16:54 | 000,179,680 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-05-03 14:16:54 | 000,146,132 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-05-02 16:43:32 | 000,000,771 | ---- | M] () -- C:\Users\Oskar\Desktop\Symulator Farmy 2011 .lnk
[2012-05-01 09:02:56 | 000,002,397 | ---- | M] () -- C:\Users\Oskar\Desktop\Google Chrome.lnk
[2012-04-29 09:34:19 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-29 09:34:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-24 20:21:24 | 000,007,598 | ---- | M] () -- C:\Users\Oskar\AppData\Local\Resmon.ResmonCfg
[2012-04-17 21:09:41 | 000,000,789 | ---- | M] () -- C:\Users\Oskar\Desktop\Numen - Contest Of Heroes.lnk
[2012-04-14 18:19:36 | 000,000,218 | ---- | M] () -- C:\Users\Oskar\.recently-used.xbel
[2012-04-12 17:39:28 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Legend of Grimrock.lnk
[2012-04-12 13:57:35 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012-04-09 15:56:47 | 000,116,248 | ---- | M] () -- C:\Users\Oskar\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-04-09 08:33:30 | 000,425,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-04-08 20:56:17 | 000,000,655 | ---- | M] () -- C:\Users\Public\Desktop\Xpand Rally.lnk
[2012-04-08 15:20:52 | 000,000,744 | ---- | M] () -- C:\Users\Public\Desktop\GODS - Kraina Nieskończoności.lnk
[2012-04-08 13:39:59 | 000,000,753 | ---- | M] () -- C:\Users\Oskar\Desktop\Heroes of Might and Magic V - Dzikie Hordy.lnk
[2012-04-07 21:11:31 | 000,001,471 | ---- | M] () -- C:\Users\Oskar\Documents\ax_files.xml
[2012-04-05 19:04:56 | 000,000,752 | ---- | M] () -- C:\Users\Oskar\Desktop\Pacific Storm.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-05-02 16:43:32 | 000,000,771 | ---- | C] () -- C:\Users\Oskar\Desktop\Symulator Farmy 2011 .lnk
[2012-04-29 08:51:43 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-21 19:25:13 | 000,000,667 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012-04-17 21:09:41 | 000,000,789 | ---- | C] () -- C:\Users\Oskar\Desktop\Numen - Contest Of Heroes.lnk
[2012-04-14 18:19:36 | 000,000,218 | ---- | C] () -- C:\Users\Oskar\.recently-used.xbel
[2012-04-12 17:39:28 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Legend of Grimrock.lnk
[2012-04-08 20:56:17 | 000,000,655 | ---- | C] () -- C:\Users\Public\Desktop\Xpand Rally.lnk
[2012-04-08 15:20:52 | 000,000,744 | ---- | C] () -- C:\Users\Public\Desktop\GODS - Kraina Nieskończoności.lnk
[2012-04-08 13:39:59 | 000,000,753 | ---- | C] () -- C:\Users\Oskar\Desktop\Heroes of Might and Magic V - Dzikie Hordy.lnk
[2012-04-05 19:04:56 | 000,000,752 | ---- | C] () -- C:\Users\Oskar\Desktop\Pacific Storm.lnk
[2012-03-13 17:41:41 | 002,515,790 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012-02-29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012-02-22 15:19:03 | 004,006,120 | -H-- | C] () -- C:\Users\Oskar\AppData\Local\IconCache.db
[2012-02-03 21:37:39 | 001,057,120 | ---- | C] () -- C:\Windows\DarkSteam Uninstaller.exe
[2012-02-03 18:01:37 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012-02-03 18:01:37 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012-02-03 18:01:37 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012-02-03 18:01:37 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012-02-03 18:01:37 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012-01-09 19:46:02 | 000,000,128 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2011-12-04 11:30:14 | 002,580,552 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011-11-07 16:52:41 | 000,140,800 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011-11-07 16:52:14 | 000,283,304 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011-11-07 16:52:12 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011-10-08 15:47:27 | 000,051,270 | ---- | C] () -- C:\Users\Oskar\AppData\Roaming\room_v3.dat
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011-06-27 18:18:43 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011-06-15 17:54:45 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2011-06-15 17:54:45 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2011-06-15 17:54:45 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2011-04-15 20:40:51 | 000,138,056 | ---- | C] () -- C:\Users\Oskar\AppData\Roaming\PnkBstrK.sys
[2011-03-22 14:37:03 | 011,010,048 | ---- | C] () -- C:\ProgramData\sandra.mda
[2011-03-13 20:06:03 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011-03-03 21:20:14 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-03-03 21:20:13 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2011-02-01 21:32:29 | 000,000,063 | ---- | C] () -- C:\Windows\wininit.ini
[2011-01-24 22:46:58 | 000,007,598 | ---- | C] () -- C:\Users\Oskar\AppData\Local\Resmon.ResmonCfg
[2011-01-22 20:28:42 | 000,436,792 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2011-01-21 21:32:35 | 000,116,248 | ---- | C] () -- C:\Users\Oskar\AppData\Local\GDIPFONTCACHEV1.DAT
[2011-01-21 20:10:35 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-01-21 20:10:35 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-01-21 20:10:31 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2011-01-21 20:10:31 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-01-21 20:10:31 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-01-21 20:10:25 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-01-21 20:10:25 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2011-01-21 19:50:43 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2011-01-21 19:50:43 | 000,011,296 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2011-01-21 19:50:40 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2011-01-21 19:50:40 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2011-01-21 19:37:33 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011-01-21 19:32:21 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011-01-21 19:32:15 | 000,023,407 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011-01-21 18:48:56 | 001,849,282 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI

[color=#E56717]========== LOP Check ==========[/color]

[2011-11-01 20:14:15 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\.minecraft
[2012-01-14 14:58:55 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\AnvSoft
[2012-04-22 12:05:31 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Audacity
[2012-04-12 16:38:51 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\BitComet
[2011-04-19 18:14:23 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\BlackBean
[2012-02-10 18:38:53 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\DAEMON Tools Lite
[2011-06-24 12:58:54 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Day 1 Studios
[2011-04-23 21:28:45 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\DMCache
[2012-01-29 14:18:42 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Gadu-Gadu 10
[2011-02-10 17:17:19 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\GetRightToGo
[2012-02-18 11:32:02 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\gtk-2.0
[2012-03-27 12:36:57 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\inkscape
[2011-07-17 11:59:48 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\IObit
[2011-01-29 11:32:39 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\ipla
[2011-04-23 14:37:16 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Kalypso Media
[2011-03-27 10:05:21 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Leadertech
[2011-04-30 16:17:26 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Mount&Blade
[2011-02-23 20:30:11 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Mount&Blade Warband
[2011-06-07 18:11:53 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Mount&Blade With Fire and Sword
[2011-02-12 22:35:04 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\NCH Swift Sound
[2011-03-08 19:50:14 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\OpenFM
[2011-11-02 19:38:53 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Origin
[2012-02-10 15:52:39 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\petanDrive
[2011-04-13 14:22:40 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\PhotoScape
[2011-07-15 14:02:05 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Pingus
[2011-02-05 20:17:37 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Progpro
[2011-01-28 16:35:36 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\RDRM
[2011-01-30 16:39:27 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Screaming Bee
[2011-12-22 10:49:46 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Sony
[2011-12-22 10:45:19 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Sony Setup
[2011-12-31 13:26:55 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\SumatraPDF
[2012-01-23 19:23:15 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\TeamViewer
[2012-01-17 20:50:44 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Thinstall
[2011-07-10 18:07:50 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Tibia
[2012-01-08 16:19:54 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Tunngle
[2011-12-16 18:24:30 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\Ubisoft
[2012-04-05 19:24:38 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\wargaming.net
[2012-01-01 19:01:54 | 000,000,000 | ---D | M] -- C:\Users\Oskar\AppData\Roaming\WinAVI
[2012-04-06 19:06:52 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >

 

OTL Extras logfile created on: 2012-05-04 16:44:02 - Run 1
OTL by OldTimer - Version 3.2.42.2	 Folder = D:\Ściągane_rzeczy
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 63,96% Memory free
6,50 Gb Paging File | 4,72 Gb Available in Paging File | 72,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,90 Gb Total Space | 3,46 Gb Free Space | 8,67% Space Free | Partition Type: NTFS
Drive D: | 250,00 Gb Total Space | 47,80 Gb Free Space | 19,12% Space Free | Partition Type: NTFS
Drive E: | 250,00 Gb Total Space | 225,92 Gb Free Space | 90,37% Space Free | Partition Type: NTFS
Drive F: | 391,51 Gb Total Space | 215,90 Gb Free Space | 55,14% Space Free | Partition Type: NTFS
Drive I: | 824,05 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HELGHAST | User Name: Oskar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-575125007-1644275302-1831280697-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Programsy\MicrosoftOffice\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programsy\MicrosoftOffice\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ChomikBox.Upload] -- "D:\Programsy\ChomikBox\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- D:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09302B70-2DEF-421B-AE72-4514A610F366}" = lport=MPC-epmap | protocol=6 | dir=in | svc=MPCss | [email protected],-28539 |
"{09669A5E-BA97-4BF4-8CC8-EACE3BC6F274}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0FBC1405-92CE-4464-98AC-11917E144124}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15CBC607-041C-422E-A131-8DE4123A9801}" = lport=MPC | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011.sp1a\wnt500x86\MPCsandrasrv.exe |
"{1A2CAA8E-D4AC-4B0B-BD6D-ED622712969E}" = lport=MPC | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011.sp1a\MPCagentsrv.exe |
"{38A05852-E3D3-472E-86A4-9864282C4E9B}" = lport=56806 | protocol=6 | dir=in | name=pando media booster |
"{3D9C77C0-EBF5-4CE2-96E5-29BC678A1587}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46E55F3E-A8E2-4AB7-9A4D-308B3E915855}" = lport=10243 | protocol=6 | dir=in | app=system |
"{471C11D9-987A-4A35-9A69-899FE1E345CD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{49A04B77-58A6-425A-8797-0D14228BFEC7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4B08ECAD-B5E0-474C-8EC2-A3CA8FA47CDE}" = lport=5800 | protocol=6 | dir=in | name=vnc5800 |
"{543805F8-5E24-4D58-B3C1-D47751F16D72}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5ADEF093-9C6C-42B6-8B6F-7EA77CEC9EEF}" = lport=5900 | protocol=6 | dir=in | name=vnc5900 |
"{658D4119-DC2D-4406-BA83-1A13C8CE9AAB}" = rport=139 | protocol=6 | dir=out | app=system |
"{666D2579-ABF9-4057-A396-1278C0752525}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6A84E82E-28F7-4A8C-820C-F7C1970E384F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6E6DF180-ADCE-44B5-93E3-B68FE46B5AC6}" = lport=139 | protocol=6 | dir=in | app=system |
"{74FBBDFE-774B-4DF5-96F2-9F090CF74B5B}" = lport=3074 | protocol=17 | dir=in | name=codmw3 |
"{7688B5E8-FABA-440E-81D4-87C6E690AE59}" = rport=10243 | protocol=6 | dir=out | app=system |
"{792A3AD1-7137-433A-835D-D258EE2D152F}" = rport=445 | protocol=6 | dir=out | app=system |
"{8BE82BB6-6006-4B78-8ED8-5C38639ED027}" = lport=6004 | protocol=17 | dir=in | app=d:\programsy\microsoftoffice\office12\outlook.exe |
"{9F9DA08B-90E9-44A0-A8EA-F48D6FEE1674}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface |
"{A0DD1135-2343-47D5-8F27-38692B7C5363}" = lport=56806 | protocol=17 | dir=in | name=pando media booster |
"{A21E213B-FC37-46C9-983E-0B42EC26AF88}" = rport=137 | protocol=17 | dir=out | app=system |
"{A928BE28-4BA2-4964-9B42-51A806A034FF}" = lport=56806 | protocol=17 | dir=in | name=pando media booster |
"{B26F7392-E34E-41BA-A32B-D9573B09C46F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{CCE88BFF-2684-4CBB-B7D5-FFC6969FB536}" = lport=3074 | protocol=6 | dir=in | name=codmw3 |
"{DBE26825-07A0-47F9-9D5B-3DE315115A64}" = rport=138 | protocol=17 | dir=out | app=system |
"{E96ABB38-89C5-44E2-935A-6F09A8C0B024}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{EAA62C12-0ECE-4036-909F-52D8D1AA6737}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EC840730-3967-4EB9-A367-4C4F4A65DCE2}" = lport=29184 | protocol=17 | dir=in | name=codmw3 |
"{EDC10D6E-F813-48E6-869F-199BC837B6D3}" = lport=56806 | protocol=6 | dir=in | name=pando media booster |
"{EDD28433-686B-4DE8-A2DB-5CA1EEE60810}" = lport=138 | protocol=17 | dir=in | app=system |
"{F308573D-5BAD-4B34-AC5C-95AC32B960CC}" = lport=137 | protocol=17 | dir=in | app=system |
"{FAD9A4FA-972D-408C-A765-10AAC0BB2DAA}" = lport=445 | protocol=6 | dir=in | app=system |
"{FEC376A3-EC26-4503-AE6A-173F60C9545B}" = lport=MPC | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0442A05B-8865-4B3F-BBFB-CB0FDC7B210A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{07F4F6AB-22FE-4C2D-B571-C58900BA91A1}" = protocol=17 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hl.exe |
"{0C10A50E-DC05-44BF-B6DE-B5E234FA07E3}" = protocol=17 | dir=in | app=d:\programsy\microsoftoffice\office12\groove.exe |
"{13757106-0A12-4211-A838-CCD18ECD3A60}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1705A9A9-5278-4257-92A6-8FAF06DD3A26}" = protocol=6 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hlds.exe |
"{1D5CA1DB-7145-4ABB-A764-17680900770B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1F4F7F24-2C2C-439D-9826-CAE32DABA10B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{225D0F33-0C41-42E5-8D81-CC5625DF6429}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{2565FCE8-CF1A-4B14-9D20-024B0E3DB6DB}" = protocol=6 | dir=in | app=f:\gry\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{266E917A-257D-470A-9860-8DCFF3FBAB9B}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{267C96FA-A48A-4BD4-A3B4-FFF2B910FF92}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{28B05830-FD8D-407F-8133-B8ABE853569B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{2CEA6025-A038-46A4-9A7B-27FADBAF3903}" = protocol=17 | dir=in | app=f:\gry\ghost recon advanced warfighter 2\graw2.exe |
"{2D7732BF-4F62-4BC1-8676-8760FBFC852C}" = protocol=6 | dir=in | app=f:\gry\darksteam\steamapps\common\dawn of war 2\dow2.exe |
"{2DCF1F31-7742-4C61-B4BA-5B4E7BCF8315}" = protocol=6 | dir=out | app=system |
"{324712FD-9063-4063-93E6-957E15A6681B}" = protocol=17 | dir=in | app=e:\do origin\gry origin\battlefield 3\bf3.exe |
"{325C3C73-1121-49ED-BF8F-27C1F5B36F33}" = dir=in | app=f:\gry\call of duty modern warfare 3\teknomw3.exe |
"{32BCB197-D373-4CB9-97FC-F2B15458F169}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{37BA302D-3295-43A3-8FCF-A7BFDE528B3C}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{3A078F4D-4C8B-423A-AFA9-CF7EEFE84480}" = protocol=17 | dir=in | app=f:\gry\symulator farmy 2011\farmingsimulator2011.exe |
"{45CA1D0A-BC56-461A-AF5A-C4A9CDCC9016}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{46E86D10-A11E-4700-B8C6-116271463A90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A8A1717-5464-4F00-BA23-4C3D5EC004AB}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4D57EF3D-8225-40A9-B8B8-C3F0C65A1EB0}" = protocol=6 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hl.exe |
"{4E36446D-E3BD-4094-90CF-55E63B2C2C30}" = protocol=17 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hlds.exe |
"{50458A55-C030-4FE7-ABBD-72CB0C1C56CA}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{553DFF71-AB24-4C4C-8A01-40911DBD2215}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5A6EC1B1-BCD4-400E-9A78-8F32A2365084}" = protocol=6 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{5D76F027-FE23-4253-B646-1147B8A0B0DE}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{5E7748D0-3F6C-4477-8272-61B28CCB9E72}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6480E3D0-309C-4C6E-A816-8535525ACA75}" = protocol=1 | dir=in | [email protected],-28543 |
"{67795BFC-87B8-4E83-AC9A-CDB21C8D7C04}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{6850D3CE-8BE5-41FF-8521-A5E675683941}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"{6AD67A71-555F-4211-9CEB-230C5F3EB93A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6BA716E7-7BCB-41FB-B6BB-A1B87AB21B61}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{6C568514-FFBB-4E6B-8701-4017EA98C2FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6D82CC3D-83C7-47EA-92AD-E9318D4CBBCD}" = protocol=6 | dir=in | app=f:\gry\call of duty modern warfare 3\iw5sp.exe |
"{7416775B-D53F-4D43-AAAF-546991E3CA05}" = protocol=6 | dir=in | app=f:\gry\symulator farmy 2011\game.exe |
"{7485A0CA-3085-4396-9F88-67B5F44FA170}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{7561B985-57E5-4385-A24D-14D984552D8B}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7731C41C-47FE-4C58-BDD2-806135A4EA6D}" = protocol=17 | dir=in | app=d:\programsy\microsoftoffice\office12\onenote.exe |
"{781516C4-D5EC-4CCF-A847-07012E1BA155}" = protocol=6 | dir=in | app=d:\ściągane_rzeczy\call_of_duty_-_modern_warfare_3-rip\tcsb\server browser.exe |
"{7B87B488-C8BF-4A9F-A377-4BA612F5B43E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7D58A6FC-9F1D-4A12-8792-19E2FF5E1A7E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7E69F83B-5666-4575-BA63-475137981847}" = protocol=17 | dir=in | app=f:\gry\symulator farmy 2011\game.exe |
"{8C3FE72D-8384-4967-BB3A-23809E2EAAF1}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{90EDD8EE-F606-4067-A21C-BAF2FE73FA5D}" = protocol=17 | dir=in | app=d:\ściągane_rzeczy\call_of_duty_-_modern_warfare_3-rip\tcsb\server browser.exe |
"{969B1CB9-7B36-4BEE-BE95-A86D50D10CC2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{97C03AF2-BAEB-4E64-988D-35CE1837323C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9901FFD4-39B9-497D-A512-837E8744B03E}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"{A26568BD-6666-422A-9047-A0E8A7359109}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A685FCF3-33BB-4172-9B25-2D3D9F7121AF}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{A89D5CA9-517B-4745-82BB-DD8A83D35873}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AA0C6BE4-D34F-428B-A406-5D364207059C}" = protocol=1 | dir=out | [email protected],-28544 |
"{AB1936EE-ECFA-42BF-9C59-2ABB5CBCCC2B}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{AFB0DD4F-D2E3-4FAE-9EB7-12FAAC29E939}" = protocol=6 | dir=in | app=e:\do origin\gry origin\battlefield 3\bf3.exe |
"{B12CA91B-2741-4468-89A9-DD3DA8BAD0A3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B165058D-7AD8-4C89-8E70-8433505256C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B1B7CB3C-B72A-43B1-B2A1-C4CB5C1ED3AA}" = protocol=6 | dir=in | app=f:\gry\darksteam\steam.exe |
"{B250221F-7AEC-425E-BA6B-511B01968F0A}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B26EE34B-B3B8-4245-845F-825FE34B2A74}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B58D68CE-19E2-4E57-B76E-C041085E12BD}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{B66E95D1-3CAD-425D-835F-3446748F0D56}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C5E5D3BF-916C-447C-9A94-84D1BA7ED0F5}" = protocol=17 | dir=in | app=f:\gry\call of duty modern warfare 3\iw5sp.exe |
"{CC3DF333-D8B2-457F-8B01-0AC6371EF95F}" = protocol=6 | dir=in | app=f:\gry\darksteam\steamapps\helghast997\counter-strike\hl.exe |
"{D01E76E6-291A-4D65-94D2-C8213B8BAC25}" = protocol=17 | dir=in | app=f:\gry\darksteam\steam.exe |
"{D4707F86-B04E-4D71-830E-B7E192998044}" = protocol=17 | dir=in | app=c:\program files\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{DBC4B82F-C239-45AF-AF13-F594B0195C0E}" = dir=in | app=f:\gry\call of duty modern warfare 3\iw5sp.exe |
"{DBC9BE23-E48F-41B8-BA1E-110559D93872}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{DEE1D8B6-CE15-48C1-928E-4637BBE7FE6D}" = protocol=6 | dir=in | app=f:\gry\ghost recon advanced warfighter 2\graw2.exe |
"{E1E90394-2080-49C1-B68D-44BBCD40104C}" = protocol=17 | dir=in | app=f:\gry\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{E24691B6-07BE-4487-B0C9-62FEFD6E994B}" = protocol=17 | dir=in | app=f:\gry\darksteam\steamapps\common\dawn of war 2\dow2.exe |
"{E2E774E3-62F9-4023-AC55-71A66FDC1618}" = protocol=6 | dir=in | app=d:\programsy\microsoftoffice\office12\onenote.exe |
"{E411E5E4-2DC9-40FF-95A0-1E78F7FE05E0}" = protocol=17 | dir=in | app=f:\gry\saints row. the third\saintsrowthethird_dx11.exe |
"{E453621F-B3CB-40C0-B281-609CAB0284AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E461FC8C-4D4A-42F0-A1FB-5C866AC96837}" = protocol=6 | dir=in | app=d:\programsy\microsoftoffice\office12\groove.exe |
"{E6871FBB-7955-4301-A886-FFD90A1035B7}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E9FD2781-B974-4246-9535-A79CF348D6F9}" = protocol=17 | dir=in | app=f:\gry\darksteam\steamapps\helghast997\counter-strike\hl.exe |
"{EC02AC28-2499-4BDA-8709-27D16C438979}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{EE5443EE-C3E1-4A02-A209-3F86C88F4444}" = protocol=6 | dir=in | app=f:\gry\saints row. the third\saintsrowthethird_dx11.exe |
"{EFBB170A-4629-412C-9497-6BCCC56A2FFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F517C24B-51D9-41CC-BB41-B6EEB22EA837}" = protocol=58 | dir=in | [email protected],-28545 |
"{F8FEBA9F-7282-49F6-B1C5-E8AADC27A7B8}" = protocol=6 | dir=in | app=f:\gry\symulator farmy 2011\farmingsimulator2011.exe |
"{FC1F4B23-86D0-471E-AEE2-41685B2613F7}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{FDBE474B-3EAA-41FC-8863-9931071A4F1C}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FE82B2B1-2C00-4A59-B89C-66DF92B036F5}" = protocol=58 | dir=out | [email protected],-28546 |
"TCP Query User{073EBC83-A2BE-47E4-BFBA-14BDBF73BB41}F:\gry\call of duty modern warfare 3\iw5sp.exe" = protocol=6 | dir=in | app=f:\gry\call of duty modern warfare 3\iw5sp.exe |
"TCP Query User{1073C985-24B7-442D-8FC8-F55BC57B5605}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{1428FF52-D3F5-4397-A429-9703F0F6E181}C:\users\oskar\appdata\local\temp\e1f765128df348d4b7f8fd39967f3df0\relicdownloader.exe" = protocol=6 | dir=in | app=c:\users\oskar\appdata\local\temp\e1f765128df348d4b7f8fd39967f3df0\relicdownloader.exe |
"TCP Query User{2797307B-1395-4620-BBB6-ABCF4E192610}C:\program files\java\jdk1.6.0_25\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0_25\bin\java.exe |
"TCP Query User{28DA6446-A9CA-49C0-B758-DC098E46B2DF}F:\gry\metin2 priv hack\metin2mod_2011sf.exe" = protocol=6 | dir=in | app=f:\gry\metin2 priv hack\metin2mod_2011sf.exe |
"TCP Query User{3234C612-5629-4A43-AE74-338B21C91CA1}F:\gry\men of war vietnam\vietnam.exe" = protocol=6 | dir=in | app=f:\gry\men of war vietnam\vietnam.exe |
"TCP Query User{33D843F2-3A20-4FF9-A8FB-5E471736B95D}F:\gry\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=f:\gry\dead island\deadislandgame.exe |
"TCP Query User{41323840-95EC-48B2-89D2-C8E6701370E1}F:\gry\tilian mt2\client\metin2client.bin" = protocol=6 | dir=in | app=f:\gry\tilian mt2\client\metin2client.bin |
"TCP Query User{4F3638E2-7E31-45D0-899D-6A116ED4F4D3}F:\instalki\pc_dirt.3.(multi5).direct.play.-tptb\dirt3\codemasters\dirt3\dirt3_game.exe" = protocol=6 | dir=in | app=f:\instalki\pc_dirt.3.(multi5).direct.play.-tptb\dirt3\codemasters\dirt3\dirt3_game.exe |
"TCP Query User{638A4106-B0AF-46F2-A3DF-682F11D00DFB}F:\gry\cs extreme\hl.exe" = protocol=6 | dir=in | app=f:\gry\cs extreme\hl.exe |
"TCP Query User{6CEF403F-BA39-4DD6-9DEC-9D1F7B499635}D:\ściągane_rzeczy\call_of_duty_-_modern_warfare_3-rip\tcsb\server browser.exe" = protocol=6 | dir=in | app=d:\ściągane_rzeczy\call_of_duty_-_modern_warfare_3-rip\tcsb\server browser.exe |
"TCP Query User{723DB9CE-35F0-4C88-9832-9978F0A7A588}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{75602ED5-EDB0-41DE-94EB-CD7D2B625775}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{75F4F820-1F3F-4DBB-85F7-050C635A4722}F:\gry\tilian mt2\client\metin2client.exe" = protocol=6 | dir=in | app=f:\gry\tilian mt2\client\metin2client.exe |
"TCP Query User{7611FC9D-A3F7-4D08-AD25-6062D1A960F0}F:\gry\tilian\metin2client.exe" = protocol=6 | dir=in | app=f:\gry\tilian\metin2client.exe |
"TCP Query User{8010E36C-7C6C-4759-9D31-D1C59EB4835E}K:\fear.3.2011.beta.working-p2p\f.e.a.r. 3.exe" = protocol=6 | dir=in | app=k:\fear.3.2011.beta.working-p2p\f.e.a.r. 3.exe |
"TCP Query User{851BB19D-5192-483A-8BB5-6C62197422D5}F:\gry\cs extreme\hlds.exe" = protocol=6 | dir=in | app=f:\gry\cs extreme\hlds.exe |
"TCP Query User{9A0B2159-2449-4585-9DE1-23394A6709A7}F:\gry\assassin's creed - revelations\acrsp.exe" = protocol=6 | dir=in | app=f:\gry\assassin's creed - revelations\acrsp.exe |
"TCP Query User{9EDA7941-66A6-47E0-8D84-0FB423FE7CB0}F:\gry\thq\reliccoh.exe" = protocol=6 | dir=in | app=f:\gry\thq\reliccoh.exe |
"TCP Query User{A01BB620-BC2B-45F6-B419-EC35615B934F}F:\gry\counter strike 1.6 hd nonsteam\hlds.exe" = protocol=6 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hlds.exe |
"TCP Query User{A0A62797-5724-42C7-A5BB-DB6998100DD2}F:\gry\thq\relicdownloader\relicdownloader.exe" = protocol=6 | dir=in | app=f:\gry\thq\relicdownloader\relicdownloader.exe |
"TCP Query User{A5731DD7-18E6-477A-8C08-C55FC8F5AE4D}F:\gry\saints row. the third\saintsrowthethird_dx11.exe" = protocol=6 | dir=in | app=f:\gry\saints row. the third\saintsrowthethird_dx11.exe |
"TCP Query User{B486E4B2-AFB7-4EFA-A71A-39946B3CCE06}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{C70337B2-BD86-4E52-AEFA-7C218D6B516E}F:\gry\assassin's creed - revelations\acrmp.exe" = protocol=6 | dir=in | app=f:\gry\assassin's creed - revelations\acrmp.exe |
"TCP Query User{D0455CA7-B5AE-4F65-94FE-3F3BF58A2312}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{D60495DD-2EC8-4B53-9624-C83FD8295CAE}F:\gry\m&m v\bin\h5_game.exe" = protocol=6 | dir=in | app=f:\gry\m&m v\bin\h5_game.exe |
"TCP Query User{D6E1185C-D1BC-4B17-BEED-E38F9D859F0A}F:\gry\men of war. assault squad\mow_assault_squad.exe" = protocol=6 | dir=in | app=f:\gry\men of war. assault squad\mow_assault_squad.exe |
"TCP Query User{D74DD5E8-5065-4600-819C-7D3B920620E3}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{DCAD21F4-640D-49C3-8726-F823D7006A21}F:\gry\metin 2 private\metin2mod_2011sf.exe" = protocol=6 | dir=in | app=f:\gry\metin 2 private\metin2mod_2011sf.exe |
"TCP Query User{DD5BB535-3F98-4375-92D0-632A451B9BBB}C:\program files\sony\media go\mediago.exe" = protocol=6 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"TCP Query User{DFBAB73C-E3CE-4851-A7A3-42FEB89A99D2}F:\gry\imetin\starter.exe" = protocol=6 | dir=in | app=f:\gry\imetin\starter.exe |
"TCP Query User{E2378918-17D3-4577-ADF6-565AF2A17DC3}F:\gry\settlers 4\exe\s4_main.exe" = protocol=6 | dir=in | app=f:\gry\settlers 4\exe\s4_main.exe |
"TCP Query User{E33D31A3-BBB0-4183-8F10-631E05F24A4A}F:\gry\pandoramt2\metin2.bin" = protocol=6 | dir=in | app=f:\gry\pandoramt2\metin2.bin |
"TCP Query User{F0EAD0DF-C158-4498-B210-B46E522D2AFD}F:\gry\counter strike 1.6 hd nonsteam\hl.exe" = protocol=6 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hl.exe |
"TCP Query User{FBF3B253-7432-4951-A55D-4012DDEA24B9}F:\gry\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=f:\gry\world_of_tanks\wotlauncher.exe |
"UDP Query User{082ECD79-0598-4B3E-B837-679639996A81}C:\program files\java\jdk1.6.0_25\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0_25\bin\java.exe |
"UDP Query User{0D8BCAA6-28F6-43AE-9B28-95A4B94166AA}F:\gry\tilian mt2\client\metin2client.exe" = protocol=17 | dir=in | app=f:\gry\tilian mt2\client\metin2client.exe |
"UDP Query User{11DDE099-A8AE-4CF1-923E-45244AA073B0}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{14EE93A2-BBA8-4B82-BFC9-1B0A73EBABB8}F:\gry\pandoramt2\metin2.bin" = protocol=17 | dir=in | app=f:\gry\pandoramt2\metin2.bin |
"UDP Query User{1DE671BF-C03D-484B-B1B2-315F30A13BC7}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{239E7E04-B518-4CEE-B7E1-66A4CB1CE50A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{2AFAE7E0-2421-4F31-8804-F20164862D01}F:\gry\saints row. the third\saintsrowthethird_dx11.exe" = protocol=17 | dir=in | app=f:\gry\saints row. the third\saintsrowthethird_dx11.exe |
"UDP Query User{2E3E86BB-6506-440F-BA16-0DC76AA74300}C:\users\oskar\appdata\local\temp\e1f765128df348d4b7f8fd39967f3df0\relicdownloader.exe" = protocol=17 | dir=in | app=c:\users\oskar\appdata\local\temp\e1f765128df348d4b7f8fd39967f3df0\relicdownloader.exe |
"UDP Query User{411E8E01-FD19-46DA-801C-19028FED79FA}F:\gry\men of war. assault squad\mow_assault_squad.exe" = protocol=17 | dir=in | app=f:\gry\men of war. assault squad\mow_assault_squad.exe |
"UDP Query User{419ABA96-57C6-435B-925E-3BA576DDF99F}F:\gry\tilian\metin2client.exe" = protocol=17 | dir=in | app=f:\gry\tilian\metin2client.exe |
"UDP Query User{446D4865-154A-49C6-B9BD-5F35B48C591E}F:\gry\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=f:\gry\world_of_tanks\wotlauncher.exe |
"UDP Query User{45284559-689D-4221-90C5-25DE4CE79664}F:\gry\men of war vietnam\vietnam.exe" = protocol=17 | dir=in | app=f:\gry\men of war vietnam\vietnam.exe |
"UDP Query User{45C95233-A8E0-4A5A-A96D-84B0BA49CDDD}F:\gry\assassin's creed - revelations\acrmp.exe" = protocol=17 | dir=in | app=f:\gry\assassin's creed - revelations\acrmp.exe |
"UDP Query User{4A153C82-923F-468B-A02E-790C3B8DB68E}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{56ED3ED2-7E2A-4787-8252-5D508992FC19}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{64DCC1FE-64B7-4B7B-B16C-DA039549C8A8}F:\gry\thq\relicdownloader\relicdownloader.exe" = protocol=17 | dir=in | app=f:\gry\thq\relicdownloader\relicdownloader.exe |
"UDP Query User{67A44D42-9F8D-4510-B919-6CD467205A09}F:\gry\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=f:\gry\dead island\deadislandgame.exe |
"UDP Query User{6E279093-563C-4BDE-A6C8-399CCD0A9226}F:\gry\metin 2 private\metin2mod_2011sf.exe" = protocol=17 | dir=in | app=f:\gry\metin 2 private\metin2mod_2011sf.exe |
"UDP Query User{79BD30DD-8DD3-41AF-9515-22466CCB0981}F:\gry\settlers 4\exe\s4_main.exe" = protocol=17 | dir=in | app=f:\gry\settlers 4\exe\s4_main.exe |
"UDP Query User{7F9AFC5B-26CE-4BEB-93FF-65335A11CCB1}F:\instalki\pc_dirt.3.(multi5).direct.play.-tptb\dirt3\codemasters\dirt3\dirt3_game.exe" = protocol=17 | dir=in | app=f:\instalki\pc_dirt.3.(multi5).direct.play.-tptb\dirt3\codemasters\dirt3\dirt3_game.exe |
"UDP Query User{8BD1671D-D461-4F37-A9B0-AFCB7E926039}F:\gry\counter strike 1.6 hd nonsteam\hl.exe" = protocol=17 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hl.exe |
"UDP Query User{92132D07-C886-4F08-B457-155E7329E411}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{98059CD2-72E8-4296-BF70-A094B8B59F26}K:\fear.3.2011.beta.working-p2p\f.e.a.r. 3.exe" = protocol=17 | dir=in | app=k:\fear.3.2011.beta.working-p2p\f.e.a.r. 3.exe |
"UDP Query User{98EDC09B-841E-47F8-9DE0-72F9E5B81F7D}F:\gry\tilian mt2\client\metin2client.bin" = protocol=17 | dir=in | app=f:\gry\tilian mt2\client\metin2client.bin |
"UDP Query User{9C8A172E-A30B-48F7-8DD5-533E49162713}F:\gry\cs extreme\hlds.exe" = protocol=17 | dir=in | app=f:\gry\cs extreme\hlds.exe |
"UDP Query User{A6A8E453-0AF6-4B3A-8452-6653F1301616}F:\gry\counter strike 1.6 hd nonsteam\hlds.exe" = protocol=17 | dir=in | app=f:\gry\counter strike 1.6 hd nonsteam\hlds.exe |
"UDP Query User{B2982987-AB30-4A49-B3A8-B4260F7A8BE5}C:\program files\sony\media go\mediago.exe" = protocol=17 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"UDP Query User{BB4BE2BE-16DB-4E15-8EB0-0E33C6592822}F:\gry\call of duty modern warfare 3\iw5sp.exe" = protocol=17 | dir=in | app=f:\gry\call of duty modern warfare 3\iw5sp.exe |
"UDP Query User{BF5BB8FE-A47C-46CB-BF69-B48F02E1D81F}F:\gry\metin2 priv hack\metin2mod_2011sf.exe" = protocol=17 | dir=in | app=f:\gry\metin2 priv hack\metin2mod_2011sf.exe |
"UDP Query User{C576A33A-4B0C-4A49-9F2C-601103070AD7}D:\ściągane_rzeczy\call_of_duty_-_modern_warfare_3-rip\tcsb\server browser.exe" = protocol=17 | dir=in | app=d:\ściągane_rzeczy\call_of_duty_-_modern_warfare_3-rip\tcsb\server browser.exe |
"UDP Query User{CCFE6551-8751-47F9-A272-D4B2310A522F}F:\gry\assassin's creed - revelations\acrsp.exe" = protocol=17 | dir=in | app=f:\gry\assassin's creed - revelations\acrsp.exe |
"UDP Query User{D71A9D1C-9554-487F-BC8F-03EEE7763371}F:\gry\imetin\starter.exe" = protocol=17 | dir=in | app=f:\gry\imetin\starter.exe |
"UDP Query User{E3376841-BB69-4B14-925A-78A1F797067F}F:\gry\thq\reliccoh.exe" = protocol=17 | dir=in | app=f:\gry\thq\reliccoh.exe |
"UDP Query User{E6A80EE4-6403-47DA-AD84-02D13E72898D}F:\gry\m&m v\bin\h5_game.exe" = protocol=17 | dir=in | app=f:\gry\m&m v\bin\h5_game.exe |
"UDP Query User{F77E2623-9CCA-4D08-8F5F-95DE2564A474}F:\gry\cs extreme\hl.exe" = protocol=17 | dir=in | app=f:\gry\cs extreme\hl.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{09C85E5A-3E10-4268-904C-BACEF16ECEF0}" = ESET NOD32 Antivirus
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CF77150-B480-4F9F-8100-FF410AC86EE3}" = Heroes of Might and Magic V - Dzikie Hordy
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{32A3A4F4-B792-11D6-A78A-00B0D0160110}" = Java(TM) SE Development Kit 6 Update 11
"{32A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{3699BC50-DA7B-4DA7-BB43-2981C9178FAD}" = UFO Kolejne starcie
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE06D54-72B1-44B2-AB60-E4277EC80EF4}" = Microsoft XML Parser
"{439C8F8B-5A1B-4A3C-A91A-2F3F8CD34DDB}" = ChomikBox
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims? 3 Po zmroku
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}" = Media Go
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = Narzędzie The Sims? 3 Stwórz świat ? Beta
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims? 3 Nowoczesny apartament Akcesoria
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3?
"{7B33A30A-FE01-4BA1-858F-ACB80EABBD25}_is1" = Pacific Storm
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{90850415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2422674-F3A7-46F2-8966-EC6B1FBD6EB3}" = Settlers IV - Złota Edycja
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype? 5.5
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims? 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims? 3 Zwierzaki
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011.SP1a
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9935C7E-ED44-427D-B8DF-39E2ACF1AA6A}_is1" = Men of War: Vietnam (Remove Only)
"{CA570413-1E5F-4A02-B742-ACF29DFB7F0F}" = GODS
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D8B5C1BB-5951-422D-A4D5-451675614956}_is1" = Men of War: Assault Squad (Remove Only)
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.21beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 2.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitComet" = BitComet 1.29
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"conduitEngine" = Conduit Engine
"Counter Strike 1.6 HD NonSteam Full" = Counter Strike 1.6 HD NonSteam Full
"DAEMON Tools Lite" = DAEMON Tools Lite
"DarkSteam" = DarkSteam
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESN Sonar-0.70.4" = ESN Sonar
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"FarmingSimulator2011PL_is1" = Symulator Farmy 2011
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"Inkscape" = Inkscape 0.48.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Menedżera urządzeń
"InstallShield_{252436F1-9583-4AD7-AA11-619AFFB96543}" = Xpand Rally
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Basic)
"Legend of Grimrock_is1" = Legend of Grimrock
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Mozilla Firefox 12.0 (x86 pl)" = Mozilla Firefox 12.0 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NCH_EN Toolbar" = NCH EN Toolbar
"Nero Multimedia Suite10.0.13100 Lite" = Nero Multimedia Suite
"Numen: Contest Of Heroes_is1" = Numen: Contest Of Heroes
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"Steam App 10" = Counter-Strike
"Steam App 15620" = Warhammer? 40,000?: Dawn of War? II
"Steam App 41070" = Serious Sam 3: BFE
"Steam App 47400" = Stronghold 3
"Steam App 48120" = The Settlers 7: Paths to a Kingdom
"Steam App 48210" = The Settlers 7: Paths to a Kingdom - Gold Edition
"TeamViewer 7" = TeamViewer 7
"Tunngle beta_is1" = Tunngle beta
"VideoPad" = VideoPad Video Editor
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-575125007-1644275302-1831280697-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

 

HiJackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:56:39, on 2012-05-04
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Windows\Explorer.EXE
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Programsy\MicrosoftOffice\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdc.exe
D:\Programsy\Soniaczek\PMBVolumeWatcher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
F:\Gry\The Sims 3\Origin\Origin.exe
D:\Ściągane_rzeczy\OTL.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2801948
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programsy\MicrosoftOffice\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - (no file)
O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files\NCH_EN\prxtbNCH0.dll
O3 - Toolbar: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Programsy\MicrosoftOffice\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PMBVolumeWatcher] D:\Programsy\Soniaczek\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [Google Update] "C:\Users\Oskar\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/pl-pl/wlscctrl2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programsy\MicrosoftOffice\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - D:\Programsy\Soniaczek\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\MPCAgentSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
--
End of file - 9030 bytes

Zarchiwizowany

Ten temat przebywa obecnie w archiwum. Dodawanie nowych odpowiedzi zostało zablokowane.

Tematy
×
×
  • Dodaj nową pozycję...