OTL logi pod katem smieci

SmokeEveryDay · 25 Kwietnia 2013

Daje dla pewnosci, po skanie salitykiller mialem ponad 150 wiruchow

Jesli zobaczysz cos zbednego, jakies gowno, ktore zainstalowalo sie czy cos, to do wywalenia

OTL

OTL logfile created on: 4/25/2013 11:31:51 AM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.91 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 52.42% Memory free
7.83 Gb Paging File | 5.33 Gb Available in Paging File | 68.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 36.64 Gb Free Space | 36.64% Space Free | Partition Type: NTFS
Drive D: | 177.46 Gb Total Space | 64.77 Gb Free Space | 36.50% Space Free | Partition Type: NTFS

Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2013/04/25 11:31:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Downloads\OTL.exe
PRC - [2013/03/11 02:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/10/31 00:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/31 00:50:56 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/02/11 22:52:00 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\SpeedyDrive\mounter.exe
PRC - [2011/12/23 16:58:32 | 001,830,912 | ---- | M] () -- C:\Users\Dom\Downloads\aaaa Wszystko\Switchbotv3.1\Switchbotv3.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/02/01 23:24:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 23:24:38 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/03 21:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010/11/03 21:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/11/03 20:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/03 20:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/09/30 03:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

========== Modules (No Company Name) ==========

MOD - [2013/03/11 02:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013/03/11 02:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013/03/11 02:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013/03/11 02:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013/03/11 02:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013/03/11 02:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013/01/24 13:20:16 | 001,032,704 | ---- | M] () -- c:\Program Files (x86)\SimpleSpeedy\sprotector.dll
MOD - [2011/12/23 16:58:32 | 001,830,912 | ---- | M] () -- C:\Users\Dom\Downloads\aaaa Wszystko\Switchbotv3.1\Switchbotv3.exe

========== Services (SafeList) ==========

SRV:64bit: - [2012/10/31 00:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/10/31 00:50:56 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2011/01/05 22:41:38 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/01/05 22:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/01/05 22:26:56 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/10/08 00:58:14 | 000,331,776 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/18 00:47:12 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/04/15 11:13:03 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/02/28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/14 11:08:50 | 002,466,304 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/12/12 20:43:31 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/18 09:44:21 | 000,654,944 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\xsherlock.xem -- (xsherlock)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/11 12:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/05/15 21:54:13 | 004,295,288 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/04/13 10:17:10 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/02/11 22:52:00 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SpeedyDrive\mounter.exe -- (DokanMounter)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/02/01 23:24:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 23:24:38 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/03 21:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/11/03 21:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/11/03 20:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/15 19:14:04 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012/10/31 00:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/31 00:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/31 00:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/31 00:51:55 | 000,262,656 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012/10/31 00:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/31 00:51:55 | 000,021,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/10/31 00:51:53 | 000,132,864 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012/10/31 00:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/10/15 18:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/09/21 11:26:08 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2012/07/13 10:01:47 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/06/11 12:33:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/11 22:52:00 | 000,120,408 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\dokan.sys -- (Dokan)
DRV:64bit: - [2012/01/09 18:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012/01/09 18:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012/01/09 18:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012/01/09 18:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012/01/09 18:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012/01/09 18:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011/12/15 20:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/04/15 04:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/24 06:47:04 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011/03/24 06:47:02 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/03/24 06:47:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/04 04:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/28 20:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/04 14:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/11/04 12:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010/10/20 03:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/10/20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/14 18:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/10/09 14:35:38 | 001,801,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010/05/07 04:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/11/19 14:45:08 | 000,299,568 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/24 07:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2006/11/01 12:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 12:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2012/03/29 15:55:26 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{44E64640-79DC-4EDB-A142-148282A6B88D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.greatresults.info/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{44E64640-79DC-4EDB-A142-148282A6B88D}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.greatresults.info/?l=1&q={searchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile = 23570767
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.greatresults.info/
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes,DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119370&tt=4712_5&babsrc=SP_ss&mntrId=ae31ac310000000000004c809354accd
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.greatresults.info/?l=1&q={searchTerms}
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 147.102.16.69:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://websearch.greatresults.info/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.startup.homepage: "http://websearch.greatresults.info/"
FF - prefs.js..extensions.enabledAddons: [email protected]:2013.03.28
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0.3
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:20.0.1
FF - prefs.js..keyword.URL: "http://websearch.greatresults.info/?l=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: D:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/04 11:15:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/09 13:40:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/15 11:13:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/23 11:27:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Dom\AppData\Roaming\IDM\idmmzcc3

[2013/01/02 19:43:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Extensions
[2013/04/07 13:32:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\103iuyrn.default-1362988146455\extensions
[2013/04/07 13:32:14 | 000,000,000 | ---D | M] (Browsseo22ssaavve) -- C:\Users\Dom\AppData\Roaming\mozilla\Firefox\Profiles\103iuyrn.default-1362988146455\extensions\[email protected]
[2013/04/07 11:32:51 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\firefox\profiles\103iuyrn.default-1362988146455\extensions\[email protected]
[2013/04/01 00:34:24 | 000,021,608 | ---- | M] () (No name found) -- C:\Users\Dom\AppData\Roaming\mozilla\firefox\profiles\103iuyrn.default-1362988146455\extensions\[email protected]
[2013/04/25 11:29:26 | 000,007,766 | ---- | M] () -- C:\Users\Dom\AppData\Roaming\mozilla\firefox\profiles\103iuyrn.default-1362988146455\searchplugins\WebSearch.xml
[2013/03/08 20:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/15 11:13:03 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/07/25 15:57:52 | 000,121,024 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll
[2013/02/20 12:19:50 | 000,002,980 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2013/03/06 13:58:25 | 000,006,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013/02/20 12:19:50 | 000,001,619 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2013/02/20 12:19:50 | 000,001,130 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2013/02/20 12:19:50 | 000,001,071 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2013/02/20 12:19:50 | 000,001,396 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2013/02/20 12:19:50 | 000,001,896 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

========== Chrome ==========

CHR - homepage:
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkaapdgobfkddbmbagoehodkgbknlhc\1.8_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fblimfbalghfofmlfbnmbjojpijfkogk\1\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmdphihkopbepogaialenmgoacnpmffo\1.1_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcijdkkommbhnpohidhdpkhendgcpamf\0.4_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoalkffommhmdmbohjphohoejjmgepc\1.0_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcdplgchgghnahkmoeibomjpbikclka\2.0_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkaapdgobfkddbmbagoehodkgbknlhc\1.8_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fblimfbalghfofmlfbnmbjojpijfkogk\1\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmdphihkopbepogaialenmgoacnpmffo\1.1_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcijdkkommbhnpohidhdpkhendgcpamf\0.4_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoalkffommhmdmbohjphohoejjmgepc\1.0_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcdplgchgghnahkmoeibomjpbikclka\2.0_0\

O1 HOSTS File: ([2013/02/01 19:58:49 | 000,000,836 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 update.silverangel.org
O1 - Hosts: 178.255.46.207 derox.pl
O1 - Hosts: 203.150.231.222 xtrap.cabalonline.com.br
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [indicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O7 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17ECDC82-F974-4C04-B924-CC9DC71A8CCE}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2848B855-D0DD-43E7-BD1E-895ADA4300FF}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\simple~1\sprote~1.dll) - c:\Program Files (x86)\SimpleSpeedy\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O27:64bit: - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\teamviewer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{90d9d176-a697-11e2-895b-4c809354acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{90d9d176-a697-11e2-895b-4c809354acd0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a4e61065-8715-11e2-9a27-4c809354acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{a4e61065-8715-11e2-9a27-4c809354acd0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a4e6106d-8715-11e2-9a27-4c809354acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{a4e6106d-8715-11e2-9a27-4c809354acd0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a4e61085-8715-11e2-9a27-4c809354acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{a4e61085-8715-11e2-9a27-4c809354acd0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a4e61088-8715-11e2-9a27-4c809354acd0}\Shell - "" = AutoRun
O33 - MountPoints2\{a4e61088-8715-11e2-9a27-4c809354acd0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2013/04/25 10:23:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SimpleSpeedy
[2013/04/23 11:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/04/23 11:32:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/04/23 11:32:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/04/23 11:32:42 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/04/23 11:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz
[2013/04/23 11:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Odkurzacz
[2013/04/22 09:22:59 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\LogMeIn Hamachi
[2013/04/22 09:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013/04/22 09:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013/04/16 19:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Quirv
[2013/04/16 19:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Moinyn
[2013/04/16 19:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Ecov
[2013/04/16 19:30:15 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\tttt
[2013/04/16 11:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2013/04/16 11:05:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013/04/16 11:01:22 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2013/04/16 10:58:47 | 000,861,184 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpowiav1.dll
[2013/04/16 10:58:47 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2013/04/16 10:58:46 | 001,297,408 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpotiop1.dll
[2013/04/16 10:58:46 | 000,498,176 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpovst01.dll
[2013/04/14 13:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
[2013/04/11 14:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
[2013/04/08 15:45:56 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder (5)
[2013/04/07 21:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\cmetin2
[2013/04/07 13:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftSafe
[2013/04/07 13:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Browsseo22ssaavve
[2013/04/07 13:07:10 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\WinLive32
[2013/04/07 12:14:32 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TunnelBear
[2013/04/01 15:11:21 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder (4)
[2013/03/28 02:33:48 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013/03/27 23:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/27 23:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/27 15:50:24 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\NetBeans
[2013/03/27 15:50:23 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\NetBeans
[2013/03/27 12:28:57 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013/03/27 12:28:57 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/03/27 12:28:50 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/03/27 12:28:50 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/03/27 12:28:50 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/03/27 12:27:39 | 000,000,000 | ---D | C] -- C:\Users\Dom\.nbi
[2013/03/26 12:39:25 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder (2)
[2013/03/25 21:08:18 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Local\Spoon
[2013/03/22 17:31:16 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Shrek 2
[2013/03/22 17:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2013/03/22 17:30:20 | 000,000,000 | ---D | C] -- C:\help
[2013/03/22 17:30:16 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Activision
[2013/03/21 20:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AidemMedia
[2013/03/21 20:48:17 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Aidem Media
[2013/03/18 21:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play
[2013/03/18 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mirage Interactive
[2013/03/18 07:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/16 18:09:41 | 000,000,000 | ---D | C] -- C:\Users\Dom\Documents\Moje Gry
[2013/03/15 19:14:04 | 000,131,856 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys
[2013/03/11 15:32:09 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\GanymedeNet
[2013/03/09 13:41:14 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/03/09 13:41:14 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/03/09 13:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2013/03/09 13:41:11 | 000,132,864 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2013/03/09 13:40:53 | 000,262,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2013/03/09 13:40:53 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/03/09 13:40:52 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/03/09 13:40:51 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/03/09 13:40:51 | 000,021,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2013/03/09 13:40:49 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/03/09 13:40:35 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2013/03/09 13:40:21 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/03/08 20:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/07 13:42:19 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013/03/07 13:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\blueconnect
[2013/03/05 14:06:50 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2013/03/05 13:32:48 | 000,000,000 | ---D | C] -- C:\Users\Dom\Desktop\Nowy folder
[2013/03/03 17:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIT Format 2012
[2013/03/03 17:04:14 | 000,000,000 | ---D | C] -- C:\PIT Format 2012
[2013/02/27 16:52:16 | 000,000,000 | ---D | C] -- C:\Users\Dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GTA San Andreas Patch v1.0
[2013/02/27 16:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA San Andreas Patch v1.0
[2013/02/02 16:31:54 | 000,005,120 | ---- | C] (myN) -- C:\Users\Dom\AppData\Roaming\patcher02.patUpdater.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2013/04/25 08:53:13 | 001,667,664 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/25 08:53:13 | 000,739,664 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013/04/25 08:53:13 | 000,653,644 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/25 08:53:13 | 000,155,484 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013/04/25 08:53:13 | 000,121,788 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/25 08:43:57 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/25 08:43:57 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/25 08:35:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/23 14:19:42 | 000,209,760 | ---- | M] () -- C:\Users\Dom\Desktop\Bez tytułu.jpg
[2013/04/23 13:16:31 | 000,000,910 | ---- | M] () -- C:\Users\Dom\Desktop\Victima.lnk
[2013/04/23 11:16:47 | 000,001,025 | ---- | M] () -- C:\Users\Dom\Desktop\Odkurzacz.lnk
[2013/04/20 10:55:11 | 000,005,120 | ---- | M] (myN) -- C:\Users\Dom\AppData\Roaming\patcher02.patUpdater.exe
[2013/04/16 19:08:23 | 000,000,336 | ---- | M] () -- C:\Windows\SysWow64\secustat.dat
[2013/04/16 18:55:08 | 000,000,891 | ---- | M] () -- C:\Windows\SysWow64\secushr.dat
[2013/04/16 15:35:51 | 000,007,610 | ---- | M] () -- C:\Users\Dom\AppData\Local\Resmon.ResmonCfg
[2013/04/16 09:38:31 | 000,001,067 | ---- | M] () -- C:\Users\Dom\Desktop\PIT_Format_2012 — skrót.lnk
[2013/04/14 13:06:40 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2013/04/14 09:04:18 | 000,000,146 | ---- | M] () -- C:\Users\Dom\Desktop\Intel® My WiFi Technology — skrót.lnk
[2013/04/12 15:38:53 | 000,000,600 | ---- | M] () -- C:\Users\Dom\AppData\Roaming\winscp.rnd
[2013/04/12 12:55:03 | 000,000,600 | ---- | M] () -- C:\Users\Dom\AppData\Local\PUTTY.RND
[2013/04/12 12:34:58 | 000,197,860 | ---- | M] () -- C:\Users\Dom\Desktop\Bez tytułuuuuu.jpg
[2013/04/10 11:35:54 | 000,000,463 | ---- | M] () -- C:\Users\Dom\SciTE.session
[2013/04/07 12:14:34 | 000,000,713 | ---- | M] () -- C:\Users\Dom\Desktop\TunnelBear.lnk
[2013/04/04 05:35:05 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/04/04 05:30:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/04/04 05:29:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/28 14:17:16 | 000,000,126 | ---- | M] () -- C:\Users\Dom\.drjava
[2013/03/27 23:06:58 | 000,000,000 | ---- | M] () -- C:\cookies.sqlite
[2013/03/27 12:36:03 | 000,000,912 | ---- | M] () -- C:\Windows\SysNative\CProgram Files (x86)PC Connectivity Solution;CProgram Files (x86)NVIDIA CorporationPhysXCommon;CProgram FilesCommon FilesMicrosoft SharedWindows Live;CProgram Files (x86)Common FilesMicrosoft SharedWind.lnk
[2013/03/27 12:28:45 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/03/27 12:28:43 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013/03/27 12:28:43 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013/03/27 12:28:43 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/03/27 12:28:43 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/03/27 12:28:43 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/03/27 12:12:50 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/03/27 12:12:50 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/03/22 17:30:55 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Zagraj w grę Shrek 2.lnk
[2013/03/18 21:21:14 | 000,001,299 | ---- | M] () -- C:\Users\Dom\Desktop\Kajko i Kokosz - Szkoła latania.lnk
[2013/03/18 18:37:24 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/03/15 19:14:04 | 000,131,856 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys
[2013/03/09 13:40:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/23 11:16:47 | 000,001,025 | ---- | C] () -- C:\Users\Dom\Desktop\Odkurzacz.lnk
[2013/04/16 20:58:31 | 000,000,910 | ---- | C] () -- C:\Users\Dom\Desktop\Victima.lnk
[2013/04/16 15:35:51 | 000,007,610 | ---- | C] () -- C:\Users\Dom\AppData\Local\Resmon.ResmonCfg
[2013/04/16 09:38:31 | 000,001,067 | ---- | C] () -- C:\Users\Dom\Desktop\PIT_Format_2012 — skrót.lnk
[2013/04/14 13:06:40 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\Path of Exile.lnk
[2013/04/14 09:04:18 | 000,000,146 | ---- | C] () -- C:\Users\Dom\Desktop\Intel® My WiFi Technology — skrót.lnk
[2013/04/12 15:38:53 | 000,000,600 | ---- | C] () -- C:\Users\Dom\AppData\Roaming\winscp.rnd
[2013/04/12 12:34:58 | 000,197,860 | ---- | C] () -- C:\Users\Dom\Desktop\Bez tytułuuuuu.jpg
[2013/04/07 12:14:34 | 000,000,713 | ---- | C] () -- C:\Users\Dom\Desktop\TunnelBear.lnk
[2013/03/28 15:27:56 | 000,209,760 | ---- | C] () -- C:\Users\Dom\Desktop\Bez tytułu.jpg
[2013/03/28 14:03:57 | 000,000,126 | ---- | C] () -- C:\Users\Dom\.drjava
[2013/03/27 23:06:58 | 000,000,000 | ---- | C] () -- C:\cookies.sqlite
[2013/03/27 12:36:03 | 000,000,912 | ---- | C] () -- C:\Windows\SysNative\CProgram Files (x86)PC Connectivity Solution;CProgram Files (x86)NVIDIA CorporationPhysXCommon;CProgram FilesCommon FilesMicrosoft SharedWindows Live;CProgram Files (x86)Common FilesMicrosoft SharedWind.lnk
[2013/03/22 17:30:55 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Zagraj w grę Shrek 2.lnk
[2013/03/18 21:21:14 | 000,001,299 | ---- | C] () -- C:\Users\Dom\Desktop\Kajko i Kokosz - Szkoła latania.lnk
[2013/03/18 18:37:24 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/03/12 18:43:56 | 074,922,107 | ---- | C] () -- C:\Users\Dom\Desktop\Avast 7.0.1407 Internet Security Licencja 13.06.2013.rar
[2013/03/06 14:34:06 | 000,000,891 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2013/01/15 11:41:56 | 000,004,608 | ---- | C] () -- C:\Windows\ws2help.dll
[2013/01/15 11:41:56 | 000,000,012 | ---- | C] () -- C:\Windows\explorer.exe.local
[2012/12/30 14:51:28 | 001,056,768 | ---- | C] () -- C:\Windows\SysWow64\libmysql41.dll
[2012/12/30 14:51:28 | 000,280,576 | ---- | C] () -- C:\Windows\SysWow64\libmysql320.dll
[2012/12/30 14:51:28 | 000,245,760 | ---- | C] () -- C:\Windows\SysWow64\libmysql40.dll
[2012/12/30 14:51:28 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\libmysql323.dll
[2012/12/18 15:14:07 | 000,000,336 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2012/12/18 14:49:54 | 000,000,025 | ---- | C] () -- C:\Windows\emcore.INI
[2012/11/30 15:23:36 | 000,000,061 | ---- | C] () -- C:\Users\Dom\SciTEUser.properties
[2012/11/29 18:57:56 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\libmysql_c.dll
[2012/11/20 17:13:30 | 048,179,170 | ---- | C] () -- C:\Users\Dom\game
[2012/11/07 03:40:22 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/11/07 03:40:16 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/10/10 10:17:24 | 000,000,463 | ---- | C] () -- C:\Users\Dom\SciTE.session
[2012/08/21 18:50:54 | 000,000,600 | ---- | C] () -- C:\Users\Dom\AppData\Local\PUTTY.RND
[2012/08/20 19:46:36 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2012/08/10 11:35:27 | 000,001,638 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/05/31 23:56:03 | 000,245,760 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll
[2012/05/31 23:56:02 | 000,024,576 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/05/31 23:56:02 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2012/02/17 17:14:06 | 000,000,038 | ---- | C] () -- C:\Users\Dom\abbrev.properties
[2012/02/17 16:02:02 | 000,000,000 | ---- | C] () -- C:\Users\Dom\au3.keywords.user.abbreviations.properties
[2012/02/14 22:52:12 | 000,000,027 | ---- | C] () -- C:\Users\Dom\au3UserAbbrev.properties
[2012/02/11 22:52:00 | 000,035,840 | ---- | C] () -- C:\Windows\SysWow64\dokan.dll
[2011/05/12 09:11:47 | 001,640,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/02 02:21:18 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/02 02:21:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/05/02 02:21:12 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/05/02 02:21:09 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/05/02 02:21:06 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010/03/27 17:22:54 | 000,014,905 | ---- | C] () -- C:\Users\Dom\au3abbrev.properties
[2010/01/02 23:16:12 | 000,000,111 | ---- | C] () -- C:\Users\Dom\au3.UserUdfs.properties
[2010/01/02 23:15:50 | 000,000,000 | ---- | C] () -- C:\Users\Dom\au3.user.calltips.api

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/05/12 09:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Fujitsu
[2011/05/12 09:54:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Fujitsu
[2013/04/23 11:27:12 | 000,000,000 | -H-D | M] -- C:\Users\Dom\AppData\Roaming\AE31AC31
[2013/03/21 20:48:17 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Aidem Media
[2013/02/05 03:15:09 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Balmora.pl
[2012/11/08 13:44:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Bioshock
[2013/04/19 11:38:00 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\BITS
[2012/11/30 20:45:23 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\CoreFTP
[2012/07/13 10:05:38 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DAEMON Tools Lite
[2012/11/02 22:31:18 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\DMCache
[2013/04/18 13:05:26 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Ecov
[2012/08/24 13:58:05 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ESET
[2012/10/15 12:17:16 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FarmHelper
[2013/04/12 13:13:37 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FileZilla
[2012/12/18 14:46:08 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\FlashgetSetup
[2011/05/12 09:54:37 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Fujitsu
[2012/06/04 10:51:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Fujitsu Launch Center
[2012/08/11 10:57:55 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu
[2012/08/11 11:04:13 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Gadu-Gadu 10
[2013/03/11 15:59:12 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GanymedeNet
[2013/02/25 22:44:32 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GG
[2013/02/27 14:53:52 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\GHISLER
[2012/11/07 03:35:25 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Leadertech
[2012/10/23 14:16:50 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\marcinc
[2013/04/16 19:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Moinyn
[2012/09/17 19:19:24 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\mp3DirectCut
[2012/09/16 13:25:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Need for Speed World
[2013/04/07 18:03:45 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\NetBeans
[2012/11/14 10:47:33 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Nokia
[2012/06/27 20:32:54 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Notepad++
[2013/01/05 02:12:08 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\ObviousIdea
[2013/02/05 23:07:54 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Opera
[2012/11/14 10:44:48 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\PC Suite
[2013/01/08 11:06:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Podatnik.info
[2013/04/18 11:38:09 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Quirv
[2012/08/14 06:53:52 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\RegistryKeys
[2013/04/16 20:03:38 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\runic games
[2013/01/05 01:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SendSpace
[2012/10/15 11:51:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SFBot
[2013/04/12 16:02:13 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\SoftGrid Client
[2013/04/23 11:27:12 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TeamViewer
[2012/06/04 11:31:26 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TP
[2013/01/16 17:40:20 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TuneUp Software
[2013/04/23 14:21:08 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
[2013/02/11 04:36:50 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\WinAVI
[2012/07/21 15:42:35 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Windows Live Writer
[2013/04/07 13:40:54 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\WinLive32
[2013/04/24 18:40:38 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Wise Disk Cleaner
[2012/10/11 12:05:15 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\WNR

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2013/03/16 18:17:17 | 000,000,000 | ---D | M](C:\Users\Dom\Documents\??? ????) -- C:\Users\Dom\Documents\Мои игры
[2013/03/16 18:17:17 | 000,000,000 | ---D | C](C:\Users\Dom\Documents\??? ????) -- C:\Users\Dom\Documents\Мои игры
[2012/10/23 07:12:52 | 000,000,000 | ---D | M](C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ
[2012/10/23 07:12:52 | 000,000,000 | ---D | M](C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ
(C:\Users\Dom\AppData\Local\?) -- C:\Users\Dom\AppData\Local\Ⴈ

========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:05EE1EEF

< End of report >

Extras

OTL Extras logfile created on: 4/25/2013 11:31:51 AM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.91 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 52.42% Memory free
7.83 Gb Paging File | 5.33 Gb Available in Paging File | 68.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100.00 Gb Total Space | 36.64 Gb Free Space | 36.64% Space Free | Partition Type: NTFS
Drive D: | 177.46 Gb Total Space | 64.77 Gb Free Space | 36.50% Space Free | Partition Type: NTFS

Computer Name: DOM-KOMPUTER | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [compress] -- C:\Program Files (x86)\KGB Archiver\kgb_arch_compress.exe "%1\"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [compress] -- C:\Program Files (x86)\KGB Archiver\kgb_arch_compress.exe "%1\"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UacDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D3C7444-1C69-4E59-916B-3BB637F4E1A1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1FDBB5DE-77A4-4BA7-BC1D-F516C4149DB1}" = lport=445 | protocol=6 | dir=in | app=system |
"{5A2ABC3B-B983-4F2F-858B-4F9EEF7507B9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5ABD13BD-EBB8-4544-AA23-8E1E4C19F8F7}" = rport=139 | protocol=6 | dir=out | app=system |
"{651DA4E3-D290-42D8-9ECF-B1483DB6A527}" = lport=137 | protocol=17 | dir=in | app=system |
"{76660C80-5B13-428B-A251-1F9A49B4ABD1}" = rport=445 | protocol=6 | dir=out | app=system |
"{A049EC57-EBE1-47F6-88A2-82989EDBB2AE}" = rport=137 | protocol=17 | dir=out | app=system |
"{C3642F39-5605-4E86-A500-DE31032DF621}" = lport=138 | protocol=17 | dir=in | app=system |
"{C5E8D838-E07E-48EB-A5F9-147C047555DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C789ABC1-1764-4ACA-ADAB-251C5AA9AC1D}" = lport=139 | protocol=6 | dir=in | app=system |
"{CC4F8A4B-119A-4038-B22E-6130FBF55D3F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E92427A7-1A1E-4439-AE68-5A9408CEB32B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE217E2B-0876-4358-998C-B2EDA8CF1E6F}" = rport=138 | protocol=17 | dir=out | app=system |
"{FFF96442-F3C4-4DC5-9906-6EDA5BA31E71}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B6448D-D0EB-4EA4-9507-E2252F836FEC}" = protocol=6 | dir=in | app=d:\program files (x86)\metin2\metin2mod_2011sf.exe |
"{0337BC1C-82CC-4B38-8CBC-E02C425571B8}" = protocol=17 | dir=in | app=c:\users\dom\downloads\imperiummt2®\imperiummt2\imperiummt2.exe |
"{0941E5C9-4329-4F67-8A94-7FEC8A0F6964}" = protocol=6 | dir=in | app=c:\users\dom\downloads\imperiummt2®\imperiummt2\imperiummt2.exe |
"{09C6EE5F-EDAA-4ABE-82DE-05837D1B453E}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013game.exe |
"{0CE0CE75-E1B4-4ED3-A16F-E19BBD335DD2}" = protocol=6 | dir=in | app=c:\users\dom\downloads\divineworlduj\divineworld\metin2.bin |
"{0F14A346-D774-43EA-90F5-5ED020337329}" = protocol=17 | dir=in | app=c:\users\dom\downloads\tineshamt2 (1)\tineshamt2\tinesha.exe |
"{10E4B2C0-E972-49CE-958A-AD0B062CA50B}" = protocol=17 | dir=in | app=d:\program files (x86)\world of metin2\metin2.bin |
"{156BAD4F-3405-4186-845E-DDD4BBBB66CF}" = protocol=17 | dir=in | app=c:\users\dom\downloads\metin2philippines\metin2 philippines\metin2.bin |
"{17D87FE8-8503-4545-8E21-4BE0150A5BD7}" = protocol=17 | dir=in | app=c:\users\dom\downloads\client+virlord\client virlord\metin2.exe |
"{17D8FEF1-69E7-4495-9CE5-087C83E488C2}" = protocol=6 | dir=in | app=d:\program files (x86)\metin222\metin2.exe |
"{1C2B26E7-5C29-48E9-A7B1-214DD1108549}" = protocol=6 | dir=in | app=c:\users\dom\downloads\nexanityclient\nexanity\go.exe |
"{1C770D4D-E8F0-4728-8123-F48C99052891}" = protocol=6 | dir=in | app=d:\program files (x86)\world of metin2\metin2.exe |
"{1D4F7711-6672-46C5-A7C3-77A1526B57F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{212E70B2-242A-4A94-8D33-6829368F980E}" = protocol=17 | dir=in | app=c:\users\dom\downloads\client+nevios+by+fataleq+(1)\client nevios by fataleq\aaaanevios.exe |
"{23F3D283-E018-4E75-8702-A5DD036366D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{26D00537-1EBE-4595-AF21-4D4889B21665}" = protocol=6 | dir=in | app=c:\users\dom\downloads\animemt2\animemt2.pl\metin2mod_2011sf.exe |
"{2A480A95-A5B1-48D6-809C-CD5F840BAB96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2C9426FE-8493-4A8C-81A1-959C92C6F68D}" = dir=out | app=d:\program files (x86)\reality pump\two worlds ii\twoworlds2.exe |
"{2CEB65E5-C1C6-4F8F-B661-DFA44061275A}" = protocol=6 | dir=in | app=c:\users\dom\downloads\tuor_official\tuor2sdsdsxdfsss.exe |
"{2FA6A89B-A0BD-4689-AE8A-BB958205A7BF}" = protocol=17 | dir=in | app=c:\users\dom\downloads\xenoxt2client_13_04_2012_by_pawemol\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"{331BA8FD-73E9-4BD3-A7A9-D95235CA706D}" = dir=in | app=d:\program files (x86)\cdp.pl\farming simulator 2013\farmingsimulator2013.exe |
"{3422F8DD-4E43-4DB7-BC2F-7F68F07CB55B}" = protocol=1 | dir=out | [email protected],-28544 |
"{352961E2-0D49-4035-BBE4-2C68EF87222E}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{362BA732-8732-452C-89DF-988BBC1D4D6A}" = protocol=6 | dir=in | app=c:\users\dom\downloads\legionmt2_new\legionmt2_new\metin2client.bin |
"{375CD665-0803-4F35-B33A-B29709F99D1C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{3882C133-C0F1-4234-99E6-D954C75E20F8}" = protocol=6 | dir=in | app=d:\program files (x86)\metin2ff\metin2.exe |
"{38F71E4A-4252-4B74-B60E-9AC034B5EED7}" = protocol=6 | dir=in | app=c:\users\dom\downloads\imperiummt2®\imperiummt2\metin2.bin |
"{3A7F0D1C-5F22-4D5B-8F5F-00F64689CA27}" = protocol=17 | dir=in | app=c:\users\dom\downloads\divineworld\divineworld\metin2.exe |
"{3A973A84-42FC-46C2-B702-ABCCA3D7C03A}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{3BD8C53D-B759-4978-918C-7F81F7A553CB}" = protocol=17 | dir=in | app=d:\program files (x86)\world of metin2\metin2.exe |
"{3BDAEFB5-531A-49B3-B2C6-2272D1A90C37}" = protocol=6 | dir=in | app=c:\users\dom\downloads\client+nervil\client nervil\!start nervil.exe |
"{3CF1F8EC-5EA3-45BA-AFBA-E57564976322}" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"{3E7A3DE2-2913-47BF-89B3-B2EB4F72FBBD}" = protocol=17 | dir=in | app=c:\users\dom\downloads\tuor_official\tuor2sdsdsxdfsss.exe |
"{3E851BF1-A700-4A1D-B72E-A019D4BB0A7D}" = protocol=17 | dir=in | app=c:\users\dom\downloads\nitem2.pl\nitem2.pl\nitem2.pl.exe |
"{3F3186AC-8B16-4C9E-ADAF-8FE632BCF5D6}" = protocol=17 | dir=in | app=c:\users\dom\downloads\tuor_official\metin2.bin |
"{3F841CF7-4458-43E0-A320-C4F759FAE0F0}" = protocol=17 | dir=in | app=c:\users\dom\downloads\client canopymt2\client canopymt2\canopymt2.exe |
"{415D9283-1EF4-4310-AE57-0C331015C9CC}" = protocol=17 | dir=in | app=c:\users\dom\downloads\legionmt2_new\legionmt2_new\metin2client.bin |
"{41AD74B9-F921-46F7-A74A-146025C9FAC0}" = protocol=17 | dir=in | app=d:\program files (x86)\metin2\metin2.bin |
"{436DC7AD-46C9-484C-8FAE-46837EDCEFB4}" = protocol=17 | dir=in | app=c:\users\dom\downloads\legionmt2_new\legionmt2_new\metin2client.exe |
"{458448FE-04FF-413E-87B6-AA1CB40D06D8}" = protocol=17 | dir=in | app=d:\program files (x86)\metin2ff\metin2.exe |
"{465F68AC-D581-4D33-85ED-E90FC605CECB}" = protocol=6 | dir=in | app=d:\darek gry\azmal.pl client\azmal.pl client\metin2.bin |
"{4799BB04-418E-49B3-ABF7-D7201E11B9DA}" = protocol=17 | dir=in | app=d:\program files (x86)\balmora\metin2client.dll |
"{4842DF12-9713-4BFA-92C1-0954CE1FC722}" = protocol=6 | dir=in | app=c:\users\dom\downloads\animemt2\animemt2.pl\metin2.bin |
"{4961BCB2-05E4-4F8B-B1FA-40A696A0BD4B}" = protocol=17 | dir=in | app=c:\program files (x86)\intel\bluetooth\btplayerctrl.exe |
"{4ADF0312-CA6D-4A52-B031-F5AAAF1DE5AF}" = protocol=6 | dir=in | app=d:\program files (x86)\world of metin2\metin2.bin |
"{4CD07BDD-58BF-4460-BEE8-807A7C19F464}" = protocol=6 | dir=in | app=d:\darek gry\azmal.pl client\azmal.pl client\metin2mod_2011sf.exe |
"{4EDFF3A4-9C47-48A3-95DB-6A703A59164E}" = protocol=17 | dir=in | app=d:\downloads\destructiv - nowy client 2013-03-17\destructiv - nowy client 2013-03-17\metin2.bin |
"{501FBF96-934B-4A3F-A5B1-EF047D6123C9}" = protocol=1 | dir=in | [email protected],-28543 |
"{57B286BC-A18B-4388-B59F-6A1483A6941E}" = protocol=17 | dir=in | app=c:\users\dom\downloads\aquarius(1)\aquarius\aquarius.bin |
"{58633943-B561-44FD-A87E-B96A93601108}" = protocol=6 | dir=in | app=c:\users\dom\downloads\client+virlord\client virlord\metin2mod_2011sf.exe |
"{5A202B9D-E987-4801-97CC-D234EA98EE55}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{5B922136-3309-499A-93F2-D1F975E7C9AA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{5BF9273F-ABB5-4056-9D26-BC1755A27497}" = protocol=6 | dir=in | app=d:\program files (x86)\balmora\metin2client.dll |
"{608C397B-115C-42D4-B57D-3733C3273F7C}" = protocol=6 | dir=in | app=d:\java\drjava\drjava-stable-20040326.exe |
"{61B58812-327B-434A-AB52-811B120FEE6D}" = protocol=6 | dir=in | app=c:\users\dom\downloads\client+nervil\client nervil\metin2mod_2011sf.exe |
"{64F6230C-1224-40A2-8746-9961A5D35FA6}" = protocol=17 | dir=in | app=c:\users\dom\downloads\divineworlduj\divineworld\metin2mod_2011sf.exe |
"{6576B1BE-77F7-477D-9269-668D5D87C766}" = protocol=6 | dir=in | app=c:\users\dom\downloads\divineworld\divineworld\metin2.bin |
"{6B99FAF0-FD02-453D-9283-35491BA01CC8}" = protocol=17 | dir=in | app=c:\users\dom\downloads\imperiummt2®\imperiummt2\metin2.bin |
"{6E7F988D-C4A0-44BD-9522-6E160ED88CA7}" = protocol=17 | dir=in | app=d:\darek gry\divineworld\divineworld\metin2mod_2011sf.exe |
"{70761430-1803-405C-8512-C334210A0FDA}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{71561B7C-8334-45EA-A94C-4A80662A39F2}" = protocol=17 | dir=in | app=d:\java\drjava\drjava-stable-20040326.exe |
"{71A38E5D-7266-4530-8185-6301D1B2890A}" = protocol=6 | dir=in | app=c:\users\dom\downloads\deliciouse2+2013+client+new\deliciouse2 2013 client\metin2mod_2011sf.exe |
"{727A8BEE-6249-4845-A377-A7FAD83F9D0E}" = protocol=17 | dir=in | app=c:\users\dom\downloads\tineshamt2 (1)\tineshamt2\aaaaatinesha.exe |
"{75BBDD72-E604-4DEE-AD17-A07EE632115E}" = protocol=6 | dir=in | app=c:\users\dom\downloads\divineworlduj\divineworld\metin2mod_2011sf.exe |
"{7793318C-0BFB-4BCD-8F67-7EEA55E13A30}" = protocol=6 | dir=in | app=c:\users\dom\downloads\tineshamt2 (1)\tineshamt2\tinesha.exe |
"{79B919AC-1015-4621-A074-582B23E57719}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7A05A726-A746-4721-9048-0C537E1E01C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{7AA70303-0DC5-4E2A-90F3-209A9539C911}" = protocol=17 | dir=in | app=c:\users\dom\downloads\divineworld\divineworld\metin2mod_2011sf.exe |
"{7AE4ADD6-3D14-4FD9-B54B-32755DC8D312}" = protocol=17 | dir=in | app=c:\users\dom\downloads\client+virlord\client virlord\metin2mod_2011sf.exe |
"{7B398535-007A-4B95-A876-4C0BBB550567}" = protocol=6 | dir=in | app=c:\users\dom\downloads\tineshamt2 (1)\tineshamt2\aaaaatinesha.exe |
"{7B76E38E-CAAA-471C-BCF1-6A25B9A5791F}" = protocol=17 | dir=in | app=c:\users\dom\downloads\deliciouse2+2013+client+new\deliciouse2 2013 client\deliciouse2.exe |
"{7D79A05B-CAAF-4028-A564-11211AADDA77}" = protocol=6 | dir=in | app=c:\users\dom\downloads\client+virlord\client virlord\metin2.exe |
"{7F15B47E-5BF9-491A-9201-196133556063}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{831D844F-2F7D-43FB-A682-B1A66F5EFBB5}" = protocol=6 | dir=in | app=c:\users\dom\downloads\animemt2\animemt2.pl\anime.exe |
"{8A27CD27-A3C7-41B8-9FA1-2628F561D809}" = protocol=6 | dir=in | app=c:\users\dom\downloads\metin2philippines\metin2 philippines\metin2mod_2011sf.exe |
"{8B819D2E-B15B-4413-9738-0A8AA4212B48}" = protocol=17 | dir=in | app=c:\program files (x86)\fujitsu\fujitsu hotkey utility\indicatoruty.exe |
"{8D838E4A-48B5-4087-A4F4-B600F347EC11}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{90EA52E4-3EE1-4D1B-AAAA-24F4DAFB0056}" = protocol=17 | dir=in | app=d:\darek gry\azmal.pl client\azmal.pl client\metin2mod_2011sf.exe |
"{90F52B9F-782D-4239-9103-25F0AC00D585}" = dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{923A1D41-34D6-4118-849C-E5D6578DFF87}" = protocol=6 | dir=in | app=c:\users\dom\downloads\nexanityclient\nexanity\nexanity.exe |
"{93BFB878-AAC4-45FC-A1AC-22EB3CCB11E2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{941F08A3-A2C5-4470-B377-FFEC8D695065}" = protocol=6 | dir=in | app=d:\program files (x86)\metin2\metin2client.bin |
"{9791E3C3-06B2-46D5-A7CD-47D3E0C35386}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{97930A44-6673-4577-BBF7-F72736432023}" = protocol=17 | dir=in | app=c:\users\dom\downloads\nadius.pl+client\client.bin |
"{995940D1-8CEA-43AA-9C23-ED6E4E18C3F7}" = protocol=6 | dir=in | app=c:\users\dom\downloads\nitem2.pl\nitem2.pl\nitem2.pl.exe |
"{9B351983-C522-44E0-B42C-49C0EA7C9353}" = protocol=17 | dir=in | app=c:\users\dom\downloads\divineworlduj\divineworld\metin2.bin |
"{9CE788C0-F2DF-4B2F-A6E8-E4403990B267}" = protocol=6 | dir=in | app=c:\users\dom\downloads\xenoxt2client_13_04_2012_by_pawemol\xenoxmt2client_11.02.2012r_by_pawemol\xenoxmt2 launcher.exe |
"{9D477351-8D68-4E2A-A96D-FB415A3A8D20}" = protocol=17 | dir=in | app=c:\users\dom\downloads\animemt2\animemt2.pl\anime.exe |
"{9FF9B70B-70AE-4DF0-B0A1-A04FC59F7369}" = protocol=17 | dir=in | app=c:\users\dom\downloads\client+nervil\client nervil\metin2mod_2011sf.exe |
"{A0014F5A-C27C-4019-85F2-2638109E80D2}" = protocol=17 | dir=in | app=d:\program files (x86)\metin2\metin2client.bin |
"{A2172B98-371B-4C52-AFB1-B809FA2E6543}" = protocol=6 | dir=in | app=c:\program files (x86)\intel\bluetooth\btplayerctrl.exe |
"{A2C8B7A4-9ABF-4A88-BEF0-1F92ABD79820}" = protocol=17 | dir=in | app=c:\users\dom\downloads\rykox-mt2\rykox-mt2\rykox-mt2.exe |
"{A464DA5D-0C47-4B41-B70E-13D8DD0E5A5E}" = protocol=17 | dir=in | app=c:\users\dom\downloads\deliciouse2+2013+client+new\deliciouse2 2013 client\metin2mod_2011sf.exe |
"{A5A53B2F-4EC3-4413-8273-0DF0EE2B2995}" = protocol=17 | dir=in | app=c:\users\dom\downloads\port map\port map\portmap.exe |
"{A6E5D8E5-398B-4929-8B90-048EC2D195A7}" = protocol=17 | dir=in | app=c:\users\dom\downloads\animemt2\animemt2.pl\metin2mod_2011sf.exe |
"{A7520080-D549-4F2C-A66D-D28650732C9A}" = protocol=17 | dir=in | app=d:\darek gry\azmal.pl client\azmal.pl client\metin2.bin |
"{A81A4F0E-77DD-4885-895D-4A4BCA3DB8D3}" = protocol=17 | dir=in | app=d:\program files (x86)\metin2\metin2mod_2011sf.exe |
"{A8FBF7C7-91A8-4E82-B158-27F02405D73F}" = protocol=17 | dir=in | app=c:\users\dom\downloads\client+virlord\client virlord\metin2.bin |
"{AD576577-7128-4F84-A1CF-E69DFFD4E14E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AD94E13D-E01C-46B6-86D6-C2B7257EEB37}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{ADFCF2CF-24E9-4457-B8CE-AE2B5918A62F}" = protocol=17 | dir=in | app=c:\users\dom\downloads\metin2philippines\metin2 philippines\metin2mod_2011sf.exe |
"{AEA2B801-3CAD-4D6A-A100-FE4C1E424452}" = protocol=17 | dir=in | app=c:\users\dom\downloads\divineworlduj\divineworld\metin2.exe |
"{AEE916E4-8268-4C87-BD7F-9DD8FAC28BF5}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{B1367F91-6C8E-418C-BF42-5984073A9DED}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{B9831465-83BB-4A47-AE1A-D0C5BF9E929C}" = protocol=6 | dir=in | app=c:\users\dom\downloads\tuor_official\metin2.bin |
"{BE1E03F6-E671-401C-A72F-164D1DC62FEF}" = protocol=6 | dir=in | app=c:\users\dom\downloads\deliciouse2+2013+client+new\deliciouse2 2013 client\deliciouse2.exe |
"{C009749A-2471-431F-8F1C-1F9962DF5DB3}" = protocol=17 | dir=in | app=c:\users\dom\downloads\nexanityclient\nexanity\nexanity.exe |
"{C1C9AD29-006B-4374-AD8D-275FF71AD336}" = protocol=17 | dir=in | app=c:\users\dom\downloads\animemt2\animemt2.pl\metin2.bin |
"{C2E7DAC7-9053-42ED-A1DC-6F75381D9F81}" = protocol=6 | dir=in | app=c:\users\dom\downloads\legionmt2_new\legionmt2_new\metin2client.exe |
"{C3681A7A-F5ED-4DE6-BB49-B42C12181188}" = protocol=17 | dir=in | app=c:\users\dom\downloads\nadius.pl+client\client.exe |
"{C4D13BC0-ADD9-4487-9512-621531F5B7BF}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{C5615AB4-5B86-462F-99A8-ED1C506FC051}" = protocol=17 | dir=in | app=d:\program files (x86)\metin222\metin2.exe |
"{CFAF4F92-0F61-4004-9603-2855C71FE181}" = protocol=6 | dir=in | app=d:\downloads\destructiv - nowy client 2013-03-17\destructiv - nowy client 2013-03-17\metin2.bin |
"{D01BAFF6-C002-42A5-B7AA-154264ED81FD}" = protocol=58 | dir=out | [email protected],-28546 |
"{D21A5014-843A-4CF9-B69A-CFDE9E77EDA3}" = protocol=6 | dir=in | app=c:\users\dom\downloads\aquarius(1)\aquarius\aquarius.bin |
"{D4731D21-42D5-4307-BEF2-3E4B60473456}" = protocol=6 | dir=in | app=d:\program files (x86)\w moj server mt2\metin2.bin |
"{D66EF905-3E34-47D7-9548-CD0725AA8251}" = protocol=6 | dir=in | app=d:\program files (x86)\metin2\metin2.bin |
"{D832A0B5-1370-4C11-8D30-DF88C5EA1B96}" = protocol=17 | dir=in | app=c:\users\dom\downloads\client+nervil\client nervil\!start nervil.exe |
"{D84B0DF4-664B-4792-BDB8-6C07ABFFAFEC}" = protocol=6 | dir=in | app=d:\darek gry\glador client\glador client\metin2mod_2011sf.exe |
"{D851D60C-DC04-4540-B9D4-C4B297A615DE}" = protocol=6 | dir=in | app=c:\users\dom\downloads\divineworld\divineworld\metin2mod_2011sf.exe |
"{DB8935FB-CB52-4570-AE44-5206D542ADFE}" = protocol=6 | dir=in | app=c:\users\dom\downloads\divineworlduj\divineworld\metin2.exe |
"{DF2241D5-E571-4E97-9B7B-623541D32808}" = protocol=6 | dir=in | app=d:\darek gry\divineworld\divineworld\metin2mod_2011sf.exe |
"{DFFE9147-E55E-47A0-B08A-0A2A622DCED9}" = protocol=6 | dir=in | app=c:\users\dom\downloads\client+virlord\client virlord\metin2.bin |
"{E045EE5A-87A7-4F2C-94BE-F2AD03C7C0E1}" = protocol=17 | dir=in | app=d:\darek gry\glador client\glador client\metin2mod_2011sf.exe |
"{E3D3D6FA-1C1C-4794-B53C-83D86048DB39}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{E43EE068-AFB5-4922-9F78-230B267166CA}" = protocol=6 | dir=in | app=c:\users\dom\downloads\port map\port map\portmap.exe |
"{E4E7EEC9-CA61-47FB-ACF0-D4852D1B958D}" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"{E60EDE4C-7851-4995-B344-B6AA6D722479}" = protocol=6 | dir=in | app=c:\users\dom\downloads\rykox-mt2\rykox-mt2\rykox-mt2.exe |
"{E7B940E6-2D5F-41D2-9C8F-B4D66592D8FB}" = protocol=17 | dir=in | app=c:\users\dom\downloads\nexanityclient\nexanity\go.exe |
"{EA47D5A2-AF29-495C-B2CD-E7A0C606B13B}" = protocol=6 | dir=in | app=c:\users\dom\downloads\nadius.pl+client\client.bin |
"{EAC1BBF9-5916-4998-8344-F579467CE7D2}" = protocol=6 | dir=in | app=d:\darek gry\glador client\glador client\ijl16c.dll |
"{EC4702D2-0CA5-4455-8E08-511337C019C4}" = protocol=6 | dir=in | app=c:\users\dom\downloads\divineworld\divineworld\metin2.exe |
"{ED675EA7-9030-41A7-B18A-F48F37F81B2F}" = protocol=6 | dir=in | app=c:\users\dom\downloads\client canopymt2\client canopymt2\canopymt2.exe |
"{ED8F54DF-A653-4BD1-984D-74C19E964477}" = protocol=6 | dir=in | app=c:\program files (x86)\fujitsu\fujitsu hotkey utility\indicatoruty.exe |
"{EED92A27-45FD-48C9-BF03-ECAE0A227144}" = protocol=6 | dir=in | app=c:\users\dom\downloads\metin2philippines\metin2 philippines\metin2.bin |
"{F05EA7BB-D6EE-4F9E-B54B-9D9A484EA50A}" = protocol=17 | dir=in | app=d:\program files (x86)\w moj server mt2\metin2.bin |
"{F068AE37-9723-4718-AB0C-93437B1E5F6A}" = protocol=17 | dir=in | app=c:\users\dom\downloads\divineworld\divineworld\metin2.bin |
"{F0E0206C-EE85-4147-B1C5-0D6CB73AE8CC}" = protocol=6 | dir=in | app=c:\users\dom\downloads\client+nevios+by+fataleq+(1)\client nevios by fataleq\aaaanevios.exe |
"{F2835FC4-BDD5-40E3-BD35-72C71B72E196}" = protocol=17 | dir=in | app=d:\darek gry\glador client\glador client\ijl16c.dll |
"{F2B31EDF-7A01-46B2-9290-B473B1DF8E01}" = protocol=6 | dir=in | app=c:\users\dom\downloads\nadius.pl+client\client.exe |
"{F2CAB18B-0FC9-448D-83E9-640FF92760D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\half-life\hl.exe |
"{FB5A1E4D-C6C5-4B26-AA8D-43B0AFB4948D}" = protocol=58 | dir=in | [email protected],-28545 |
"TCP Query User{00CA0D1F-3911-4FB9-9F69-19C3DB204E5E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{0E106243-3AE0-4193-8A77-4EC25A1D3654}D:\downloads\destructiv - nowy client 2013-03-17\destructiv - nowy client 2013-03-17\metin2.bin" = protocol=6 | dir=in | app=d:\downloads\destructiv - nowy client 2013-03-17\destructiv - nowy client 2013-03-17\metin2.bin |
"TCP Query User{1997D2FA-CFCD-4D8D-9543-717B5D87054E}D:\darek gry\divineworld\divineworld\metin2mod_2011sf.exe" = protocol=6 | dir=in | app=d:\darek gry\divineworld\divineworld\metin2mod_2011sf.exe |
"TCP Query User{238E77E6-ADBB-4EA3-A813-7ACB2A4B298E}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |
"TCP Query User{26A6487A-91ED-45B4-9222-37179CBEAD15}D:\program files (x86)\w moj server mt2\metin2.bin" = protocol=6 | dir=in | app=d:\program files (x86)\w moj server mt2\metin2.bin |
"TCP Query User{4994F9C0-97F0-485E-94F7-20C14347851F}D:\java\drjava\drjava-stable-20040326.exe" = protocol=6 | dir=in | app=d:\java\drjava\drjava-stable-20040326.exe |
"TCP Query User{5971BC82-8C99-48E3-90FA-D3B77602D6B3}D:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin" = protocol=6 | dir=in | app=d:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin |
"TCP Query User{5CBC44BE-F30E-453F-993B-0155B64A7AAC}D:\darek gry\glador client\glador client\metin2mod_2011sf.exe" = protocol=6 | dir=in | app=d:\darek gry\glador client\glador client\metin2mod_2011sf.exe |
"TCP Query User{81CED8D0-9CDE-4BDD-A416-A1EB4F7D1371}C:\Program Files (x86)\Fujitsu\fujitsu hotkey utility\indicatoruty.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fujitsu\fujitsu hotkey utility\indicatoruty.exe |
"TCP Query User{87E8EE7B-95C6-4B06-A224-52EDB3E80898}D:\program files (x86)\world of metin2\metin2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\world of metin2\metin2.exe |
"TCP Query User{8D98B5A4-6B8E-43CB-AF3A-6A7B292065E4}D:\program files (x86)\world of metin2\metin2.bin" = protocol=6 | dir=in | app=d:\program files (x86)\world of metin2\metin2.bin |
"TCP Query User{A2428E62-0C3E-435C-B10D-818FAE92AB37}D:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=6 | dir=in | app=d:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"TCP Query User{C1197D0C-68D6-45FC-B0BF-D4D4A45F5A51}D:\darek gry\divineworld\divineworld\metin2.bin" = protocol=6 | dir=in | app=d:\darek gry\divineworld\divineworld\metin2.bin |
"TCP Query User{C74A60AC-E972-4ECA-8997-0990FE9D80F4}C:\Program Files (x86)\Intel\bluetooth\btplayerctrl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\intel\bluetooth\btplayerctrl.exe |
"TCP Query User{D17DC191-5B01-4106-932F-490005A3E8A0}D:\darek gry\glador client\glador client\ijl16c.dll" = protocol=6 | dir=in | app=d:\darek gry\glador client\glador client\ijl16c.dll |
"TCP Query User{E40CEA16-F1EA-40D3-A132-59F6770D7F0A}D:\program files (x86)\metin222\metin2.exe" = protocol=6 | dir=in | app=d:\program files (x86)\metin222\metin2.exe |
"UDP Query User{04924FB8-4FB0-4085-8C7A-4AB21EA40DD1}D:\darek gry\divineworld\divineworld\metin2mod_2011sf.exe" = protocol=17 | dir=in | app=d:\darek gry\divineworld\divineworld\metin2mod_2011sf.exe |
"UDP Query User{15658E78-0492-4C71-9DB5-8ECA9BFE3D9A}D:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin" = protocol=17 | dir=in | app=d:\downloads\software\yt2wz_lsnc_20100423\倚天2外传\metin2.bin |
"UDP Query User{1ECD79B7-9424-4A14-8EBF-47D32BA505B6}D:\darek gry\glador client\glador client\metin2mod_2011sf.exe" = protocol=17 | dir=in | app=d:\darek gry\glador client\glador client\metin2mod_2011sf.exe |
"UDP Query User{2254217C-355C-4B37-8B91-D80CABE9A6BE}D:\program files (x86)\world of metin2\metin2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\world of metin2\metin2.exe |
"UDP Query User{265341C4-1A68-42AE-B32F-1A0EB5AA4344}D:\darek gry\divineworld\divineworld\metin2.bin" = protocol=17 | dir=in | app=d:\darek gry\divineworld\divineworld\metin2.bin |
"UDP Query User{7D7B3BF3-E555-4608-8107-68C76110F122}D:\downloads\destructiv - nowy client 2013-03-17\destructiv - nowy client 2013-03-17\metin2.bin" = protocol=17 | dir=in | app=d:\downloads\destructiv - nowy client 2013-03-17\destructiv - nowy client 2013-03-17\metin2.bin |
"UDP Query User{839B45B5-F96B-44E0-A192-85E1A61F3949}D:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe" = protocol=17 | dir=in | app=d:\program files (x86)\rockstar games\gta san andreas\gta_sa.exe |
"UDP Query User{88C9F29C-E40B-44CA-A451-6281FE67DC50}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{8F140613-E079-4B3E-99BD-90E870438A89}D:\program files (x86)\metin222\metin2.exe" = protocol=17 | dir=in | app=d:\program files (x86)\metin222\metin2.exe |
"UDP Query User{9B946637-3C29-4D1E-B5A5-5AF5484B9E60}D:\program files (x86)\world of metin2\metin2.bin" = protocol=17 | dir=in | app=d:\program files (x86)\world of metin2\metin2.bin |
"UDP Query User{A28D88C9-0A28-4700-BD1C-FFA082F808D3}C:\Program Files (x86)\Intel\bluetooth\btplayerctrl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\intel\bluetooth\btplayerctrl.exe |
"UDP Query User{AA608043-80C8-4C62-80A3-5A62778E1639}D:\darek gry\glador client\glador client\ijl16c.dll" = protocol=17 | dir=in | app=d:\darek gry\glador client\glador client\ijl16c.dll |
"UDP Query User{AE199C0B-75F0-434D-AC74-E70E5ED3D088}D:\program files (x86)\w moj server mt2\metin2.bin" = protocol=17 | dir=in | app=d:\program files (x86)\w moj server mt2\metin2.bin |
"UDP Query User{BC07300A-99EC-49EB-992A-C7FEBD62AA57}D:\java\drjava\drjava-stable-20040326.exe" = protocol=17 | dir=in | app=d:\java\drjava\drjava-stable-20040326.exe |
"UDP Query User{C2E4732A-2B69-45C9-BD90-B296222A3091}C:\Program Files (x86)\Fujitsu\fujitsu hotkey utility\indicatoruty.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fujitsu\fujitsu hotkey utility\indicatoruty.exe |
"UDP Query User{CACC6D91-0A33-4F70-BBBF-533F704955F2}C:\program files (x86)\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\flashget network\flashget 3\flashget3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel® PROSet/Wireless WiFi Software
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0415-1000-0000000FF1CE}" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A5FADEAC-B0A9-4C27-A8B5-05381A339F4E}" = Plugfree NETWORK
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel® WiDi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37993A79-5D36-4227-B8E8-9BDE95B2CE45}" = Bolek i Lolek - Alfabet i nauka czytania
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49A588CF-5FD4-4774-BFBF-0764287DE82B}" = Power Saving Utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}" = Anytime USB Charge Utility
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7774A6A9-CE0D-4544-9A29-84351BAE184A}" = Shrek 2
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{8B531332-0D5D-4B3B-A22C-8330DEA695A7}" = LogMeIn Hamachi
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0415-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Polski
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Polish
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALLPlayer_is1" = ALLPlayer V4.X
"ASCII Art Generator_is1" = ASCII Art Generator 3.2.2
"AutoItv3" = AutoIt v3.3.8.1
"avast" = avast! Internet Security
"DAEMON Tools Lite" = DAEMON Tools Lite
"DeskUpdate_is1" = DeskUpdate 4.11
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{7774A6A9-CE0D-4544-9A29-84351BAE184A}" = Shrek 2
"InstallShield_{AFFC0877-D62C-4A7D-A11F-1E73B5800D13}" = Bioshock
"InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"KajkoiKokoszSL_is1" = Kajko i Kokosz - Szkoła latania v. 1.027
"KGB Archiver_is1" = KGB Archiver 1.2.1.24
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.4.4
"LogMeIn Hamachi" = LogMeIn Hamachi
"Metin2_is1" = Metin2
"Mozilla Firefox 20.0.1 (x86 pl)" = Mozilla Firefox 20.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MTA:SA 1.3" = MTA:SA v1.3.1
"Notepad++" = Notepad++
"Odkurzacz 13.3_is1" = Odkurzacz
"Office14.Click2Run" = Moduł Szybka instalacja pakietu Microsoft Office 2010
"PIT Format 2012_is1" = PIT Format 2012
"PremiumSoft Navicat for MySQL_is1" = PremiumSoft Navicat 10.1 for MySQL
"QuicktimeAlt_is1" = QuickTime Alternative 2.9.2
"RealPlayer 15.0" = RealPlayer
"SciTE4AutoIt3" = SciTE4AutoIt3 6/10/2012
"SP_ccfde35c" = Search Assistant SimpleSpeedy 1.74
"SpeedyDrive" = Speedy Drive (remove only)
"Steam App 10" = Counter-Strike
"SubEdit-Player_is1" = SubEdit-Player
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2012_is1" = TuneUp Utilities 2012 wersja 12.0.3500.29
"TunnelBear" = TunnelBear 1.0.38
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.11 (32-bitowy)
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 7.73
"World of Metin2" = World of Metin2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DDFinal" = DDFinal

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/1/2013 12:44:19 PM | Computer Name = Dom-Komputer | Source = Application Hang | ID = 1002
Description = Program aresthia.bin w wersji 0.0.0.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 1624 Godzina rozpoczęcia: 01ce00931249d8d4 Godzina zakończenia:
75 Ścieżka aplikacji: D:\Downloads\Oficjalny Klient Aresthia by Fataleq\Client Aresthia
by Fataleq\aresthia.bin Identyfikator raportu:

Error - 2/1/2013 6:54:27 PM | Computer Name = Dom-Komputer | Source = Application Hang | ID = 1002
Description = Program opera.exe w wersji 12.13.1734.0 zatrzymał interakcję z systemem
Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji
dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum
akcji. Identyfikator procesu: 1280 Godzina rozpoczęcia: 01ce00cd96249e88 Godzina zakończenia:
105 Ścieżka aplikacji: C:\Program Files (x86)\Opera\opera.exe Identyfikator raportu:
1792dfa7-6cc2-11e2-a33e-4c809354acd0

Error - 2/2/2013 3:50:21 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2/2/2013 8:57:08 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2/3/2013 2:44:19 PM | Computer Name = Dom-Komputer | Source = Application Hang | ID = 1002
Description = Program GameMasterPanel III.exe w wersji 3.3.6.0 zatrzymał interakcję
z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej
informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania
Centrum akcji. Identyfikator procesu: 11bc Godzina rozpoczęcia: 01ce023d4c20373b Godzina
zakończenia: 11 Ścieżka aplikacji: C:\Users\Dom\Downloads\GameMasterPanel III
SF 2010\GameMasterPanel III
SF 2010\GameMasterPanel III.exe Identyfikator raportu:

Error - 2/4/2013 4:43:31 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2/4/2013 6:34:27 AM | Computer Name = Dom-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: hamachi-2.exe, wersja: 2.1.0.296,
sygnatura czasowa: 0x50cafa9f Nazwa modułu powodującego błąd: ntdll.dll, wersja:
6.1.7601.17725, sygnatura czasowa: 0x4ec4aa8e Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x000000000004e4b4 Identyfikator procesu powodującego błąd: 0x570 Godzina
uruchomienia aplikacji powodującej błąd: 0x01ce02b395f1029e Ścieżka aplikacji powodującej
błąd: C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe Ścieżka modułu powodującego
błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 729c6fee-6eb6-11e2-bc5d-4c809354acd0

Error - 2/4/2013 6:36:10 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2/4/2013 7:25:58 AM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2/4/2013 1:00:00 PM | Computer Name = Dom-Komputer | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 4/25/2013 5:46:51 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:47:21 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:47:51 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:48:22 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:48:52 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:49:22 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:49:52 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:50:22 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:50:52 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

Error - 4/25/2013 5:51:22 AM | Computer Name = Dom-Komputer | Source = Service Control Manager | ID = 7023
Description = Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił
następujący błąd: %%126

< End of report >

SmokeEveryDay · 26 Kwietnia 2013

@ refff

SmokeEveryDay · 26 Kwietnia 2013

Co chwile czyszce rejestry czy to tune up czy to odkurzaczem, robie to regularnie

Server metin2 i jak widac gg, smieci po gg ;x Bo nie uzywam inststalki gg tylko na www

Fr3shMak3r · 26 Kwietnia 2013

Uruchom OTL i w Oknie Własne Opcje Skanowania :

:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O7 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object)
 
:Reg
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2]

:Commands
[emptytemp]
[resethosts]

I klik na wykonaj skrypt zatwierdź restart i pokazujesz log z usuwania + nowy log OTL .
Dorzuć jeszcze log GMER i sprawdź ten plik na virustotal.com

C:\Windows\explorer.exe.local

SmokeEveryDay · 27 Kwietnia 2013

log

All processes killed

========== OTL ==========

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.

Registry value HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

Registry value HKEY_USERS\S-1-5-21-323826620-2306945312-2335366591-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}

C:\Windows\Downloaded Program Files\swflash64.inf not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\ deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Dom

->Temp folder emptied: 11972625 bytes

->Temporary Internet Files folder emptied: 648855 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 5958924 bytes

->Google Chrome cache emptied: 153678747 bytes

->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 164.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 04272013_205512

Files\Folders moved on Reboot...

C:\Users\Dom\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Ten plik jest czysty, skanowalem na www i nic nie wykazalo

GMER ?

Fr3shMak3r · 27 Kwietnia 2013

http://www.mpcforum.pl/topic/679592-tutlogi-co-i-jak/

Tam pisze że nie jest przeznaczony dla 64 bit systemów wcześniej tak było teraz już jest przeznaczony .

Potem to poprawie .

SmokeEveryDay · 27 Kwietnia 2013

1.

GMER 2.1.19163 - http://www.gmer.net

Rootkit scan 2013-04-27 22:00:08

Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST320LT0 rev.0001 298,09GB

Running: gmer.exe; Driver: C:\Users\Dom\AppData\Local\Temp\uwdiqpow.sys

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\svchost.exe [1692:3856] 000007fef7af2888

Thread C:\Windows\system32\svchost.exe [1692:5028] 000007fef7af2a40

Thread C:\Windows\System32\svchost.exe [4976:3152] 000007fef354ac4c

Thread C:\Windows\System32\svchost.exe [4976:2628] 000007fef4239688

---- EOF - GMER 2.1 ----

Prosze, GAMER

SmokeEveryDay · 29 Kwietnia 2013

@ reff

Fr3shMak3r · 29 Kwietnia 2013

Pobierz AdwCleaner i użyj Opcji Delete .

Myślę że już nie ma co doczyszczać .

Zaloguj się

👋 Witaj na MPCForum!

OTL logi pod katem smieci

Rekomendowane odpowiedzi

SmokeEveryDay

SmokeEveryDay

SmokeEveryDay

SmokeEveryDay

SmokeEveryDay

SmokeEveryDay

Fr3shMak3r

Fr3shMak3r

SmokeEveryDay

SmokeEveryDay

Fr3shMak3r

Fr3shMak3r

SmokeEveryDay

SmokeEveryDay

SmokeEveryDay

SmokeEveryDay

Fr3shMak3r

Fr3shMak3r

Zarchiwizowany