Ostatnio mój komputer bardzo wolno pracuje, ma problemy z otwieraniem filmów, ładowaniem stron internetowych, długo pracuje nawet gdy chce otworzyć "mój komputer". Skanowanie Kaspersky 2012, IObit Malware Fighter, nic nie wykazało. Infekcja nastąpiła po pobieraniu rożnych programów do xboxa, nie umiem podać nazw ponieważ wczoraj od razu je usunąłem. Proszę więc o sprawdzenie logów z Combofix'a. (Windows 7 Professional x64)
ComboFix 11-07-21.02 - Xavi 2011-07-21 20:23:55.6.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.48.1033.18.4095.2958 [GMT 2:00]
Uruchomiony z: D:\Pobrane\Google Chrome\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((( Pliki utworzone od 2011-06-21 do 2011-07-21 )))))))))))))))))))))))))))))))
2011-07-21 18:30:01 . 2011-07-21 18:30:01 0 ---ha-w- C:\Users\Xavi\AppData\Local\BIT7290.tmp
2011-07-20 18:52:27 . 2011-07-20 18:52:27 -------- d-----w- C:\Program Files\Bonjour
2011-07-20 18:52:27 . 2011-07-20 18:52:27 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-07-20 14:02:47 . 2011-07-20 14:02:47 -------- d-----w- C:\Users\Xavi\AppData\Roaming\TeamViewer
2011-07-19 09:55:42 . 2011-06-07 17:10:37 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3C5EE063-390D-4AE4-9BC0-84FF42C25472}\mpengine.dll
2011-07-14 13:19:17 . 2009-06-30 08:37:16 33800 ----a-w- C:\Windows\system32\drivers\pavboot64.sys
2011-07-14 13:19:13 . 2011-07-14 13:19:13 -------- d-----w- C:\Program Files (x86)\Panda Security
2011-07-14 12:30:17 . 2011-07-14 12:39:02 -------- d-----w- C:\Program Files\SkanerOnline
2011-07-13 15:19:42 . 2011-07-21 17:37:33 -------- d-----w- C:\Users\UpdatusUser
2011-07-13 15:19:25 . 2011-05-21 04:01:00 739432 ----a-w- C:\Windows\system32\easyupdatusapiu64.dll
2011-07-13 14:49:43 . 2011-07-13 14:49:43 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-07-13 11:58:59 . 2011-07-13 11:59:51 -------- d-----w- C:\ProgramData\IObit
2011-07-13 11:58:47 . 2011-07-13 11:59:21 -------- d-----w- C:\Program Files (x86)\IObit
2011-07-13 11:57:14 . 2011-07-13 11:59:26 -------- d-----w- C:\Users\Xavi\AppData\Roaming\IObit
2011-07-13 11:57:14 . 2011-02-23 14:50:14 18232 ----a-w- C:\Windows\system32\drivers\SmartDefragDriver.sys
2011-07-13 11:57:14 . 2011-02-23 14:50:02 32136 ----a-w- C:\Windows\system32\SmartDefragBootTime.exe
2011-07-13 11:44:43 . 2011-07-13 11:44:43 -------- d-----w- C:\Users\Xavi\AppData\Roaming\Malwarebytes
2011-07-13 11:44:35 . 2011-07-13 11:44:35 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-13 11:44:31 . 2011-05-29 07:11:20 25912 ----a-w- C:\Windows\system32\drivers\mbam.sys
2011-07-12 09:39:28 . 2011-07-12 09:39:28 -------- d-----w- C:\Program Files (x86)\Apple Software Update
2011-07-12 09:34:00 . 2011-07-12 09:34:00 96104 ----a-w- C:\Windows\system32\dns-sd.exe
2011-07-12 09:34:00 . 2011-07-12 09:34:00 85864 ----a-w- C:\Windows\system32\dnssd.dll
2011-07-12 09:34:00 . 2011-07-12 09:34:00 61288 ----a-w- C:\Windows\system32\jdns_sd.dll
2011-07-12 09:34:00 . 2011-07-12 09:34:00 212840 ----a-w- C:\Windows\system32\dnssdX.dll
2011-07-12 09:20:54 . 2011-07-12 09:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-07-12 09:20:54 . 2011-07-12 09:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-07-12 09:20:54 . 2011-07-12 09:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-07-12 09:20:54 . 2011-07-12 09:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-07-01 12:11:34 . 2011-07-01 12:11:34 -------- d-----w- C:\Users\Xavi\AppData\Local\The Witcher 2
2011-06-28 22:35:47 . 2011-06-28 22:35:47 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-28 22:35:42 . 2011-06-28 22:35:42 686400 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-06-24 13:15:48 . 2011-06-24 13:15:48 -------- d-----w- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-06-19 16:54:06 . 2011-06-19 16:54:06 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-19 16:54:02 . 2011-06-19 16:54:02 686400 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-06-17 13:31:56 . 2011-05-25 12:21:54 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-04 15:52:04 . 2010-12-26 16:36:28 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-06-03 05:57:52 . 2011-07-13 11:35:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-05-24 17:14:10 . 2010-11-06 19:18:41 270720 ------w- C:\Windows\system32\MpSigStub.exe
2011-05-21 04:01:00 . 2011-05-21 04:01:00 7123560 ----a-w- C:\Windows\system32\nvcuda.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 67176 ----a-w- C:\Windows\system32\OpenCL.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 6555240 ----a-w- C:\Windows\SysWow64\nvwgf2um.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 57960 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 5301352 ----a-w- C:\Windows\SysWow64\nvcuda.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 2943592 ----a-w- C:\Windows\system32\nvcuvid.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 2804328 ----a-w- C:\Windows\SysWow64\nvcuvid.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 2335848 ----a-w- C:\Windows\SysWow64\nvapi.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 22286952 ----a-w- C:\Windows\system32\nvoglv64.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 2212968 ----a-w- C:\Windows\system32\nvcuvenc.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 2082408 ----a-w- C:\Windows\SysWow64\nvcuvenc.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 18583144 ----a-w- C:\Windows\system32\nvcompiler.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 16456296 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 15223912 ----a-w- C:\Windows\system32\nvd3dumx.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 1496168 ----a-w- C:\Windows\system32\nvdispco6420150.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 1427048 ----a-w- C:\Windows\system32\nvgenco642090.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 13206120 ----a-w- C:\Windows\system32\drivers\nvlddmkm.sys
2011-05-21 04:01:00 . 2011-05-21 04:01:00 13011560 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2011-05-21 04:01:00 . 2011-05-21 04:01:00 11992680 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2011-05-21 04:01:00 . 2010-11-06 20:39:39 2644584 ----a-w- C:\Windows\system32\nvapi64.dll
2011-05-21 04:01:00 . 2010-10-16 12:13:46 6300776 ----a-w- C:\Windows\system32\nvcpl.dll
2011-05-21 04:01:00 . 2010-10-16 12:13:26 3040872 ----a-w- C:\Windows\system32\nvsvc64.dll
2011-05-21 04:01:00 . 2010-10-16 12:13:26 117864 ----a-w- C:\Windows\system32\nvmctray.dll
2011-05-21 04:01:00 . 2010-10-16 12:13:24 61544 ----a-w- C:\Windows\system32\nvshext.dll
2011-05-21 04:01:00 . 2010-10-16 12:13:24 2560616 ----a-w- C:\Windows\system32\nvsvcr.dll
2011-05-21 04:01:00 . 2010-10-16 12:13:24 1016936 ----a-w- C:\Windows\system32\nvvsvc.exe
2011-05-21 04:01:00 . 2009-07-13 21:59:35 8863336 ----a-w- C:\Windows\system32\nvwgf2umx.dll
2011-05-10 06:06:08 . 2011-05-10 06:06:08 51712 ----a-w- C:\Windows\system32\drivers\usbaapl64.sys
2011-05-10 06:06:08 . 2011-05-10 06:06:08 4517664 ----a-w- C:\Windows\system32\usbaaplrc.dll
2011-05-04 02:52:22 . 2010-12-06 20:42:16 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-05-03 05:29:29 . 2011-06-15 05:16:05 976896 ----a-w- C:\Windows\system32\inetcomm.dll
2011-05-03 04:30:02 . 2011-06-15 05:16:05 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-04-29 03:06:10 . 2011-06-15 05:16:03 467456 ----a-w- C:\Windows\system32\drivers\srv.sys
2011-04-29 03:05:49 . 2011-06-15 05:16:03 410112 ----a-w- C:\Windows\system32\drivers\srv2.sys
2011-04-29 03:05:37 . 2011-06-15 05:16:03 168448 ----a-w- C:\Windows\system32\drivers\srvnet.sys
2011-04-27 02:40:40 . 2011-06-15 05:16:10 158208 ----a-w- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-27 02:39:40 . 2011-06-15 05:16:10 289280 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:39:37 . 2011-06-15 05:16:10 128000 ----a-w- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-25 05:33:51 . 2011-06-15 05:16:06 1923968 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2011-04-25 02:34:03 . 2011-06-15 05:16:06 499200 ----a-w- C:\Windows\system32\drivers\afd.sys
2011-04-23 01:29:25 . 2011-06-15 05:26:07 2303488 ----a-w- C:\Windows\system32\jscript9.dll
2011-04-23 01:19:19 . 2011-06-15 05:26:09 2382848 ----a-w- C:\Windows\system32\mshtml.tlb
2011-04-22 23:35:56 . 2011-06-15 05:26:07 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-04-22 23:25:54 . 2011-06-15 05:26:09 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-04-22 22:15:29 . 2011-05-24 18:09:51 27520 ----a-w- C:\Windows\system32\drivers\Diskdump.sys
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2011-01-17 10:24:58 155416 ----a-w- C:\Windows\SysWOW64\CbFsMntNtf3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 13:27:14 138576]
R2 gupdate;Usługa Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 19:05:30 136176]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 04:01:00 2214504]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2011-04-27 17:17:28 20336]
R3 gupdatem;Usługa Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 19:05:30 136176]
R3 LVcKap64;Logitech AEC Driver;C:\Windows\system32\DRIVERS\LVcKap64.sys [x]
R3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\DRIVERS\LVUSBS64.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 21:50:30 31124344]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 20:34:24 4925184]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-03-22 22:58:06 33184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-03-22 22:58:10 21328]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 17:10:10 57184]
S0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;C:\Windows\System32\Drivers\sptd.sys [x]
S1 cbfs3;cbfs3;C:\Windows\system32\drivers\cbfs3.sys [x]
S2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 12:46:56 353168]
S2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-06-01 12:10:00 821080]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 10:46:40 369256]
Zawartość folderu 'Zaplanowane zadania'
2011-07-21 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-06 11:52:56 . 2010-11-06 19:05:30]
2011-07-21 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-06 11:52:56 . 2010-11-06 19:05:30]
2011-07-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4233687315-1456467392-2878773263-1000Core.job
- C:\Users\Xavi\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-06 19:05:30 . 2010-11-06 19:05:30]
2011-07-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4233687315-1456467392-2878773263-1000UA.job
- C:\Users\Xavi\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-06 19:05:30 . 2010-11-06 19:05:30]
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon1]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2011-05-26 14:11:30 592384 ----a-w- D:\Programy\Wuala OverlayIcons\OverlayIcon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon2]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2011-05-26 14:11:30 592384 ----a-w- D:\Programy\Wuala OverlayIcons\OverlayIcon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon3]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2011-05-26 14:11:30 592384 ----a-w- D:\Programy\Wuala OverlayIcons\OverlayIcon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0WualaOverlayIcon4]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2011-05-26 14:11:30 592384 ----a-w- D:\Programy\Wuala OverlayIcons\OverlayIcon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2011-01-17 10:24:58 188696 ----a-w- C:\Windows\System32\CbFsMntNtf3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
------- Skan uzupełniający -------
uLocal Page = C:\Windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4CC67C44-D5D0-4099-BE14-B9FC881FCC32}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - C:\Users\Xavi\AppData\Roaming\Mozilla\Firefox\Profiles\smmysu3q.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - D:\Programy\FireFox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - D:\Programy\FireFox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Anti-Banner: KavAntiBanner@kaspersky.ru_bak2 - D:\Programy\FireFox\extensions\KavAntiBanner@kaspersky.ru_bak2
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru_bak2 - D:\Programy\FireFox\extensions\linkfilter@kaspersky.ru_bak2
- - - - USUNIĘTO PUSTE WPISY - - - -
AddRemove-PunkBusterSvc - C:\Windows\system32\pbsvc.exe
AddRemove-SkanerOnline - C:\Windows\system32\SkanerOnlineUninstall.exe
AddRemove-Tzar - C:\Windows\IsUn0415.exe
Security Check:
Results of screen317's Security Check version 0.99.17
Windows 7 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Java 6 Update 26
Adobe Flash Player 10.3.181.26
````````````````````````````````
Process Check:
objlist.exe by Laurent
IObit IObit Malware Fighter IMFsrv.exe
``````````End of Log````````````
OTL:
OTL Extras logfile created on: 2011-07-21 20:57:07 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = D:\Pobrane\Google Chrome
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
4,00 Gb Total Physical Memory | 2,72 Gb Available Physical Memory | 67,99% Memory free
8,00 Gb Paging File | 6,65 Gb Available in Paging File | 83,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99,90 Gb Total Space | 42,07 Gb Free Space | 42,11% Space Free | Partition Type: NTFS
Drive D: | 598,63 Gb Total Space | 17,42 Gb Free Space | 2,91% Space Free | Partition Type: NTFS
Computer Name: XAVI-PC | User Name: Xavi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programy\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA4DA5D7-5140-4024-BADD-FCB540833E5D}" = Labtec WebCam
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinGimp-2.0_is1" = GIMP 2.6.3
"WinRAR archiver" = Archiwizator WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C9221F6-1EA9-4D92-892D-A5FEB3084A75}" = Need for Speed Undeground 2
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2DFF2906-52BB-4222-8062-1509259FC013}" = GUN
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018302}" = Fable III
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BD-0415-0000-0000000FF1CE}" = Język etykietek ekranowych pakietu Microsoft Office 2010 — polski
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9A162C1-031F-4EBF-A3E6-C45F7FCCBB9E}_is1" = Genie Backup Assistant
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"abgx360" = abgx360 v1.0.5
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"AQQ" = WapSter AQQ
"Call of Duty - Black Ops_is1" = Call of Duty - Black Ops
"Counter-Strike" = Counter-Strike 1.0
"EADM" = EA Download Manager
"Ekspert CD_is1" = Ekspert CD
"FormatFactory" = FormatFactory 2.45
"Foxit Reader" = Foxit Reader
"Game Booster_is1" = Game Booster
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"ImgBurn" = ImgBurn
"InstallShield_{2DFF2906-52BB-4222-8062-1509259FC013}" = GUN
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"IObit Malware Fighter_is1" = IObit Malware Fighter
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Need for Speed Undeground 2" = Need for Speed Undeground 2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Return to Castle Wolfenstein" = Return to Castle Wolfenstein
"Revo Uninstaller" = Revo Uninstaller 1.83
"SkanerOnline" = Skaner on-line mks_vir
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 102800" = Darkspore Beta
"Steam App 105600" = Terraria
"Steam App 11200" = Shadowgrounds: Survivor
"Steam App 12100" = Grand Theft Auto III
"Steam App 12110" = Grand Theft Auto: Vice City
"Steam App 12120" = Grand Theft Auto: San Andreas
"Steam App 12180" = Grand Theft Auto 2
"Steam App 12200" = Bully: Scholarship Edition
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 12360" = FlatOut: Ultimate Carnage
"Steam App 15120" = Tom Clancy's Rainbow Six: Vegas 2
"Steam App 19900" = Far Cry 2
"Steam App 19980" = Prince of Persia
"Steam App 20500" = Red Faction: Guerrilla
"Steam App 21980" = Call of Juarez: Bound in Blood
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 2500" = Shadowgrounds
"Steam App 26800" = Braid
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 35130" = Lara Croft and the Guardian of Light
"Steam App 35700" = Trine
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 41500" = Torchlight
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 520" = Team Fortress 2 Beta
"Steam App 56460" = Warhammer® 40,000™: Dawn of War® II - Retribution™ Beta
"Steam App 6120" = Shank
"Steam App 63200" = Monday Night Combat
"Steam App 8850" = BioShock 2
"Steam App 8980" = Borderlands
"Tzar" = Tzar
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Podstawowe programy Windows Live
"Wuala CBFS" = Wuala CBFS
"Wuala OverlayIcons" = Wuala OverlayIcons
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4233687315-1456467392-2878773263-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Wuala" = Wuala
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2011-07-20 14:53:29 | Computer Name = Xavi-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4e17bc82 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x6c50656c Faulting process id: 0x588 Faulting application
start time: 0x01cc470d0611d890 Faulting application path: C:\Users\Xavi\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: unknown Report Id: 8e336bbc-b301-11e0-918b-00235457804f
Error - 2011-07-20 14:53:48 | Computer Name = Xavi-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 2011-07-20 17:17:38 | Computer Name = Xavi-PC | Source = Bonjour Service | ID = 100
Description = 228: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)
Error - 2011-07-21 05:44:11 | Computer Name = Xavi-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "d:\Programy\wapster aqq\System\DelZip179.dll".Error
in manifest or policy file "d:\Programy\wapster aqq\System\DelZip179.dll" on line
8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid.
Error - 2011-07-21 09:12:12 | Computer Name = Xavi-PC | Source = Wininit | ID = 1015
Description = A critical system process, C:\Windows\system32\lsass.exe, failed with
status code 1. The machine must now be restarted.
Error - 2011-07-21 09:12:47 | Computer Name = Xavi-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4e17bc82 Faulting module name: chrome.exe, version: 0.0.0.0, time stamp: 0x4e17bc82
Exception
code: 0x40000015 Fault offset: 0x000613c0 Faulting process id: 0x141c Faulting application
start time: 0x01cc47a7e197c92e Faulting application path: C:\Users\Xavi\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: C:\Users\Xavi\AppData\Local\Google\Chrome\Application\chrome.exe Report
Id: 209be26f-b39b-11e0-b69a-00235457804f
Error - 2011-07-21 09:25:34 | Computer Name = Xavi-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d672ee4 Faulting module name: DUI70.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdf25 Exception code: 0xc0000005 Fault offset: 0x0000000000001098
Faulting
process id: 0x61c Faulting application start time: 0x01cc47a81990feb2 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\DUI70.dll
Report
Id: e960ce06-b39c-11e0-9658-00235457804f
Error - 2011-07-21 09:38:26 | Computer Name = Xavi-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4e17bc82 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00560e98 Faulting process id: 0x1198 Faulting application
start time: 0x01cc47ab6b051c0f Faulting application path: C:\Users\Xavi\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: unknown Report Id: b5bde690-b39e-11e0-9658-00235457804f
Error - 2011-07-21 10:05:10 | Computer Name = Xavi-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4e17bc82 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00960e98 Faulting process id: 0x4e4 Faulting application
start time: 0x01cc47af255ae46a Faulting application path: C:\Users\Xavi\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: unknown Report Id: 719a0683-b3a2-11e0-9658-00235457804f
Error - 2011-07-21 13:03:37 | Computer Name = Xavi-PC | Source = Application Hang | ID = 1002
Description = The program Suc14_FileShredder.exe version 1.0.0.12 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1348 Start
Time: 01cc47c727dbac45 Termination Time: 15 Application Path: C:\Program Files (x86)\IObit\Advanced
SystemCare 4\Suc14_FileShredder.exe Report Id:
[ Media Center Events ]
Error - 2011-06-26 20:32:46 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 02:32:45 - Failed to retrieve MCEClientUX (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2011-06-26 20:32:48 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 02:32:47 - Failed to retrieve Broadband (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2011-06-26 21:32:52 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 03:32:52 - Failed to retrieve Directory (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2011-06-26 21:32:56 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 03:32:55 - Failed to retrieve MCESpotlight (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2011-06-26 21:32:58 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 03:32:57 - Failed to retrieve MCEClientUX (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2011-06-26 21:33:00 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 03:32:59 - Failed to retrieve Broadband (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2011-06-27 18:05:19 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 00:05:19 - Failed to retrieve Directory (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2011-06-27 18:05:24 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 00:05:22 - Failed to retrieve MCESpotlight (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)
Error - 2011-06-27 18:05:27 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 00:05:25 - Failed to retrieve MCEClientUX (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
Error - 2011-06-27 18:05:34 | Computer Name = Xavi-PC | Source = MCUpdate | ID = 0
Description = 00:05:29 - Failed to retrieve Broadband (Error: The underlying connection
was closed: Could not establish trust relationship for the SSL/TLS secure channel.)
[ System Events ]
Error - 2011-06-22 10:51:38 | Computer Name = Xavi-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 2011-06-22 10:51:41 | Computer Name = Xavi-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 2011-06-22 10:51:44 | Computer Name = Xavi-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 2011-06-24 09:12:19 | Computer Name = Xavi-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.
Error - 2011-06-24 09:12:19 | Computer Name = Xavi-PC | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053
Error - 2011-06-24 15:29:39 | Computer Name = Xavi-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:56:38 on ?2011-?06-?24 was unexpected.
Error - 2011-06-24 15:44:47 | Computer Name = Xavi-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 21:38:26 on ?2011-?06-?24 was unexpected.
Error - 2011-06-24 16:04:05 | Computer Name = Xavi-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the AVP service.
Error - 2011-06-24 16:45:57 | Computer Name = Xavi-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 22:44:08 on ?2011-?06-?24 was unexpected.
Error - 2011-06-25 06:00:40 | Computer Name = Xavi-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 22:45:57 on ?2011-?06-?24 was unexpected.
< End of report >