Ukash blokada komputera

[Asatero]

Witam zwracam się z wielką prośba o pomoc, zablokowano mi komputer (UKASH) chyba to z czym boryka się wiele osób.. przeskanowalem kompa z poziomu trybu awaryjnego OTL i załączam log OTL oraz extras:

Extras.Txt

OTL.Txt

 

Pozdrawiam.

[Landuss]

1. Uruchom OTL i w oknie Własne opcje skanowania/Skrypt wklej następujący tekst:

 

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http: //pl.v9.com/ins/ins_1332446208_416085
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //pl.v9.com/ins/ins_1332446208_416085
IE - HKU\S-1-5-21-1203435865-543677909-2217220177-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http: //pl.v9.com/ins/ins_1332446208_416085
IE - HKU\S-1-5-21-1203435865-543677909-2217220177-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //pl.v9.com/ins/ins_1332446208_416085
FF - prefs.js..browser.startup.homepage: "http://pl.v9.com/ins/ins_1332446208_416085"
[2012-03-22 21:56:49 | 000,002,415 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml
O4 - HKLM..\Run: [qlndkfspazjpzrt] C:\ProgramData\qlndkfsp.exe ()
O4 - HKU\S-1-5-21-1203435865-543677909-2217220177-1000..\Run: [qlndkfspazjpzrt] C:\ProgramData\qlndkfsp.exe ()
 
:Files
C:\ProgramData\sqzclxycslhtfkw
C:\ProgramData\pyhlssatauyokno
C:\Users\Kamil\0.4276872631846672.exe
 
:Commands
[emptytemp]

 

Adnotacja dla innych czytających: skrypt unikatowy - dopasowany tylko i wyłącznie pod ten system, proszę nie stosować na swoich systemach.

 

Kliknij w Wykonaj skrypt. Zatwierdź restart komputera.

 

2. Wejdź w panel usuwania programów i odinstaluj: Deinstalator Strony V9

 

3. Uruchamiasz OTL ponownie, tym razem wywołujesz opcję Skanuj. Pokazujesz nowe logi z OTL

[Asatero]

oto skany po wszystkim:

 

 

OTL Extras logfile created on: 2012-07-13 19:48:03 - Run 1

OTL by OldTimer - Version 3.2.54.0 Folder = L:\

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 46,39% Memory free

4,00 Gb Paging File | 2,67 Gb Available in Paging File | 66,90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 49,81 Gb Total Space | 2,85 Gb Free Space | 5,72% Space Free | Partition Type: NTFS

Drive D: | 29,29 Gb Total Space | 2,88 Gb Free Space | 9,85% Space Free | Partition Type: NTFS

Drive E: | 195,31 Gb Total Space | 51,92 Gb Free Space | 26,59% Space Free | Partition Type: NTFS

Drive F: | 195,31 Gb Total Space | 195,22 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Drive G: | 25,33 Gb Total Space | 22,47 Gb Free Space | 88,73% Space Free | Partition Type: NTFS

Drive H: | 59,57 Gb Total Space | 22,06 Gb Free Space | 37,04% Space Free | Partition Type: NTFS

Drive I: | 60,18 Gb Total Space | 16,57 Gb Free Space | 27,53% Space Free | Partition Type: NTFS

Drive J: | 6,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive L: | 3,73 Gb Total Space | 0,90 Gb Free Space | 24,19% Space Free | Partition Type: FAT32

 

Computer Name: KAMIL-KOMPUTER | User Name: Kamil | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Przeglądaj w XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{052B065B-C8FE-4916-A709-1CF6135A75A4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{0CD8D07A-E374-4319-8E1C-EECDB4DD0574}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{372E5411-DE0F-48CF-AEAA-453E4D893F1A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{953972CA-F726-4091-A02D-C56B65BA71DC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |

"{F1C8AB5F-A503-42E5-B4C1-6494170AC0BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{011C5D9C-3BC9-4E6D-9F12-56B8AD43C6D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |

"{04B30A54-613A-42DD-93DE-F0A60F57CDEB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{2BF1E4BE-CDA3-4F85-97AB-42B871D5CBF9}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |

"{332EE522-F58B-4F94-AB39-365844E61A49}" = protocol=6 | dir=in | app=e:\program files\steam\steam.exe |

"{340EDBC5-8E98-40CA-A2F9-9EBF0F1F5037}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |

"{37AA058B-490D-4119-81A6-F6AC72529FC9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |

"{51A16A82-3B4B-4D8E-AD3D-96F54C4E09F8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{6A48BA1F-2B66-46CA-AE7A-6A5AB3320B91}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{6AC5BCF0-6303-43AA-B298-DDC8989C2FBB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |

"{6F9601C7-0061-4137-B721-8E1DF3EDD28E}" = protocol=6 | dir=in | app=e:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |

"{7B039818-0287-40BF-B87B-7AC6CD680ED7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{A549E00A-BB69-48A2-8924-4F6C5CD94806}" = protocol=17 | dir=in | app=e:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |

"{B04BF749-22E7-4A0F-ABC1-CFB73B767ECB}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |

"{B1C92CDD-8C68-42B6-B82E-CC35EB10C0B8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |

"{B6864873-04A5-4CEC-8B3A-FE156ACF10DB}" = protocol=17 | dir=in | app=e:\program files\steam\steam.exe |

"{C30AAD54-D092-47C4-9CCF-149192C91B1F}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{C3AD784F-C52D-4998-A585-A2D645DF8B80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D2F601B9-51A6-44D6-8804-A60F86456DCA}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{D7FA02F0-F860-422D-B3B5-277F2921227F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{DC07A943-89A6-4F81-A4C3-D6E44D4C7461}" = protocol=58 | dir=in | app=system |

"{F5611D15-5E77-4934-9717-2976EBB32B39}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |

"TCP Query User{1FD4CE3F-23BD-4307-8371-583B31478395}C:\users\kamil\desktop\damian borderlands\borderlands\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\users\kamil\desktop\damian borderlands\borderlands\gearbox software\borderlands\binaries\borderlands.exe |

"TCP Query User{36F253FB-1C56-434B-B616-3D5F38B97184}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"TCP Query User{41DA01F5-0F5C-4F56-AC26-3BCA4AD89ABE}C:\users\kamil\desktop\bordelands\borderlands\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\users\kamil\desktop\bordelands\borderlands\gearbox software\borderlands\binaries\borderlands.exe |

"TCP Query User{4376EF0E-29FA-4416-90F6-23DF3224BC4B}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

"TCP Query User{5423CA0F-7888-4513-84D6-B26D98E2C6CB}E:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=e:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |

"TCP Query User{78606A48-578E-4B1C-99AE-A5EDCEE5D814}D:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=d:\programdata\electronic arts\need for speed world\data\nfsw.exe |

"TCP Query User{F8796FED-D0E9-4F9F-9E0B-3E4894A72D91}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

"UDP Query User{0FADF0CA-B3E3-46C6-A321-42E1C751C76B}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

"UDP Query User{104E0E13-5506-46A8-A720-C80523F4EA74}D:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=d:\programdata\electronic arts\need for speed world\data\nfsw.exe |

"UDP Query User{3AB68D69-09E7-4B90-852B-F3C6C27AA3EF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"UDP Query User{3F4482DD-BA39-4A01-8ABA-01ABC63AE0A3}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |

"UDP Query User{7CA89BA6-ED54-4746-9483-DADA819D145F}C:\users\kamil\desktop\damian borderlands\borderlands\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\users\kamil\desktop\damian borderlands\borderlands\gearbox software\borderlands\binaries\borderlands.exe |

"UDP Query User{B14D4D61-0B6B-4AF7-A850-DBA21E6CD5B1}E:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=e:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |

"UDP Query User{B15DB9A5-4951-4D0C-90E8-578C8BEEEE3A}C:\users\kamil\desktop\bordelands\borderlands\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\users\kamil\desktop\bordelands\borderlands\gearbox software\borderlands\binaries\borderlands.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common

"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center

"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack

"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{201B5096-AF6E-423E-B987-023E040D9B42}" = Windows Live Remote Service Resources

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31

"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5

"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources

"{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor

"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack

"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{436EE4BA-494B-BA2D-5539-EF07255205D4}" = ATI Catalyst Install Manager

"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility

"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live

"{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1" = Minecraft Auto wersja 1.0

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live

"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World

"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi

"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010

"{90140000-0015-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010

"{90140000-0016-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010

"{90140000-0018-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010

"{90140000-0019-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010

"{90140000-001A-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010

"{90140000-001B-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010

"{90140000-001F-0415-0000-0000000FF1CE}_Office14.PROPLUS_{1D751709-BA6C-49E2-844B-4F4F20F410C9}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010

"{90140000-002C-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6606F321-8216-466E-981E-B75A14C46894}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010

"{90140000-0044-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010

"{90140000-006E-0415-0000-0000000FF1CE}_Office14.PROPLUS_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010

"{90140000-00A1-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010

"{90140000-00BA-0415-0000-0000000FF1CE}_Office14.PROPLUS_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Polish

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych

"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 301.42

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 301.42

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 301.42

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 301.42

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.8.15

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety

"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{BEC72604-5B27-4C6B-B136-F98EF4C46F5B}" = Heroes of Might and Magic III

"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh

"{C30628D8-D3A0-4F23-90F0-F145808087B6}" = Windows Live Remote Client Resources

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{DA683EB9-E863-42B1-8F73-70B549E69D7D}" = ESET Smart Security

"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software

"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11

"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9

"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4678A65-9095-49E8-B5D9-31A9886C2840}" = Windows Live Family Safety

"{F47E5EF3-F7CB-4459-9E5D-119511EBDD78}_is1" = Minecraft AA wersja 1.1

"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"AIMP3" = AIMP3

"AudioCS" = Creative Audio Control Panel

"Cisco Connect" = Cisco Connect

"Creative Software AutoUpdate" = Creative Software AutoUpdate

"Creative Sound Blaster Properties" = Creative Sound Blaster Properties

"DAEMON Tools Lite" = DAEMON Tools Lite

"EasyBCD" = EasyBCD 2.1.2

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228

"Gadu-Gadu 10" = Gadu-Gadu 10

"Heroes III Armageddon's Blade" = Heroes III Armageddon's Blade

"Heroes III The Restoration of Erathia" = Heroes III The Restoration of Erathia

"Heroes III The Shadow of Death" = Heroes III The Shadow of Death

"hon" = Heroes of Newerth

"KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.7 (Full)

"LogMeIn Hamachi" = LogMeIn Hamachi

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile

"MoorHunt_is1" = MoorHunt 0.6.7.2

"Mozilla Firefox 13.0.1 (x86 pl)" = Mozilla Firefox 13.0.1 (x86 pl)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MTA:SA 1.3" = MTA:SA v1.3

"Native Instruments Controller Editor" = Native Instruments Controller Editor

"Native Instruments Service Center" = Native Instruments Service Center

"Native Instruments Traktor" = Native Instruments Traktor

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

"Opera 11.64.1403" = Opera 11.64

"Pharaoh" = Faraon

"Picasa 3" = Picasa 3

"SubtitleWorkshop" = Subtitle Workshop 2.51

"Tibia_is1" = Tibia

"uTorrent" = µTorrent

"V9Software" = Deinstalator Strony V9

"Video mp3 Extractor_is1" = Video mp3 Extractor

"WinLiveSuite" = Podstawowe programy Windows Live

"WinRAR archiver" = WinRAR 4.01 (32-bitowy)

"XnView_is1" = XnView 1.98.8

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"GameRanger" = GameRanger

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 2012-07-13 10:01:18 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10

Description =

 

Error - 2012-07-13 11:51:45 | Computer Name = Kamil-Komputer | Source = Software Protection Platform Service | ID = 8198

Description = Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9

 

Error - 2012-07-13 11:51:45 | Computer Name = Kamil-Komputer | Source = Winlogon | ID = 4103

Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

 

Error - 2012-07-13 11:53:22 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10

Description =

 

Error - 2012-07-13 11:54:29 | Computer Name = Kamil-Komputer | Source = Software Protection Platform Service | ID = 8198

Description = Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9

 

Error - 2012-07-13 11:54:29 | Computer Name = Kamil-Komputer | Source = Winlogon | ID = 4103

Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

 

Error - 2012-07-13 11:56:08 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10

Description =

 

Error - 2012-07-13 13:35:06 | Computer Name = Kamil-Komputer | Source = Software Protection Platform Service | ID = 8198

Description = Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9

 

Error - 2012-07-13 13:35:06 | Computer Name = Kamil-Komputer | Source = Winlogon | ID = 4103

Description = Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

 

Error - 2012-07-13 13:36:44 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10

Description =

 

[ System Events ]

Error - 2012-04-17 05:58:48 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:58:50 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:58:57 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:59:03 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:59:08 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:59:09 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:59:14 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:59:17 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:59:18 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

Error - 2012-04-17 05:59:28 | Computer Name = Kamil-Komputer | Source = atapi | ID = 262155

Description = Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort3.

 

 

< End of report >

 

OTL logfile created on: 2012-07-13 19:47:39 - Run 1

OTL by OldTimer - Version 3.2.54.0 Folder = L:\

Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 0,93 Gb Available Physical Memory | 46,39% Memory free

4,00 Gb Paging File | 2,67 Gb Available in Paging File | 66,90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 49,81 Gb Total Space | 2,85 Gb Free Space | 5,72% Space Free | Partition Type: NTFS

Drive D: | 29,29 Gb Total Space | 2,88 Gb Free Space | 9,85% Space Free | Partition Type: NTFS

Drive E: | 195,31 Gb Total Space | 51,92 Gb Free Space | 26,59% Space Free | Partition Type: NTFS

Drive F: | 195,31 Gb Total Space | 195,22 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Drive G: | 25,33 Gb Total Space | 22,47 Gb Free Space | 88,73% Space Free | Partition Type: NTFS

Drive H: | 59,57 Gb Total Space | 22,06 Gb Free Space | 37,04% Space Free | Partition Type: NTFS

Drive I: | 60,18 Gb Total Space | 16,57 Gb Free Space | 27,53% Space Free | Partition Type: NTFS

Drive J: | 6,10 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive L: | 3,73 Gb Total Space | 0,90 Gb Free Space | 24,19% Space Free | Partition Type: FAT32

 

Computer Name: KAMIL-KOMPUTER | User Name: Kamil | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012-07-13 15:52:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- L:\OTL.exe

PRC - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- E:\Program Files\LogMeIn Hamachi\hamachi-2.exe

PRC - [2012-06-21 13:50:24 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

PRC - [2012-05-15 11:28:16 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

PRC - [2012-05-15 11:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

PRC - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011-09-23 19:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe

PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe

PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe

PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe

PRC - [2011-03-28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE

PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011-02-18 07:39:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

PRC - [2010-11-20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010-11-20 23:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

PRC - [2009-12-08 20:26:15 | 003,616,768 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

PRC - [2009-06-22 21:47:18 | 000,212,232 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe

PRC - [2008-11-18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012-07-12 16:51:12 | 009,465,032 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_265.dll

MOD - [2012-06-21 13:50:23 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2012-05-15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll

MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll

MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll

MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll

MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll

MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll

MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

MOD - [2011-03-04 13:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll

MOD - [2011-03-04 13:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

MOD - [2011-03-04 13:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll

MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll

MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll

MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll

MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll

MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll

MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll

MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll

MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll

MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll

MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll

MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll

MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll

MOD - [2009-03-26 15:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL

MOD - [2009-02-06 19:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\System32\CmdRtr.DLL

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2012-07-12 16:51:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012-06-27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- E:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2012-06-21 13:50:23 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)

SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012-05-15 12:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011-12-08 02:40:21 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2011-12-08 00:36:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2011-09-23 19:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)

SRV - [2011-06-12 12:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

SRV - [2011-04-01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)

SRV - [2011-03-28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)

SRV - [2009-12-08 20:26:15 | 003,616,768 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)

SRV - [2009-07-16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009-06-22 21:47:18 | 000,212,232 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)

SRV - [2008-11-18 14:15:30 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)

DRV - [2012-06-11 20:20:34 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV - [2012-05-15 12:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011-08-09 14:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)

DRV - [2011-08-04 09:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)

DRV - [2011-08-04 09:20:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)

DRV - [2011-08-04 09:20:38 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)

DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2010-11-20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2010-11-20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010-11-20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)

DRV - [2010-11-20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)

DRV - [2010-11-20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)

DRV - [2010-11-20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)

DRV - [2010-11-20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)

DRV - [2010-11-20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010-11-20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)

DRV - [2010-11-20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV - [2010-11-20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)

DRV - [2010-11-20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010-11-20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

DRV - [2010-03-15 10:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)

DRV - [2010-03-15 10:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)

DRV - [2010-03-15 10:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)

DRV - [2010-03-15 10:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)

DRV - [2010-03-15 10:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)

DRV - [2010-03-15 10:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)

DRV - [2009-11-19 15:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)

DRV - [2009-05-04 18:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV - [2009-04-21 14:58:06 | 001,147,392 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)

DRV - [2009-04-03 07:39:58 | 000,027,320 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)

DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKLM\..\SearchScopes,DefaultScope = {89D0EF7D-2254-4133-AAD8-29E20DF679DF}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{89D0EF7D-2254-4133-AAD8-29E20DF679DF}: "URL" = http://uk.search.yah...icevm&type=IEBD

IE - HKLM\..\SearchScopes\{A479023B-6FAA-4da3-AE77-4CCC6C292C54}: "URL" = http://www.google.co...0FF%3BFORID%3A1

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{89D0EF7D-2254-4133-AAD8-29E20DF679DF}: "URL" = http://search.yahoo....cevm&type=STDVM

IE - HKCU\..\SearchScopes\{A479023B-6FAA-4da3-AE77-4CCC6C292C54}: "URL" = http://www.google.co...88%3A4067623346

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-21 13:50:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-07-10 16:40:47 | 000,000,000 | ---D | M]

 

[2011-12-08 01:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

[2012-07-11 14:13:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Firefox\Profiles\khd92u2b.default\extensions

[2012-02-15 14:57:12 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Kamil\AppData\Roaming\mozilla\Firefox\Profiles\khd92u2b.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012-03-29 21:53:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kamil\AppData\Roaming\mozilla\Firefox\Profiles\khd92u2b.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2012-03-26 22:31:44 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Kamil\AppData\Roaming\mozilla\Firefox\Profiles\khd92u2b.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}

[2012-06-28 10:43:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012-06-28 10:43:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011-12-09 14:53:56 | 000,079,135 | ---- | M] () (No name found) -- C:\USERS\KAMIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHD92U2B.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI

[2011-12-09 14:53:56 | 000,007,651 | ---- | M] () (No name found) -- C:\USERS\KAMIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHD92U2B.DEFAULT\EXTENSIONS\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}.XPI

[2011-12-09 14:53:56 | 000,008,640 | ---- | M] () (No name found) -- C:\USERS\KAMIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHD92U2B.DEFAULT\EXTENSIONS\{902D2C4A-457A-4EF9-AD43-7014562929FF}.XPI

[2012-01-11 22:50:19 | 000,292,116 | ---- | M] () (No name found) -- C:\USERS\KAMIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHD92U2B.DEFAULT\EXTENSIONS\{AD48108D-92A6-4EB9-87E4-978ACA1DBAE4}.XPI

[2012-07-11 14:13:19 | 000,177,357 | ---- | M] () (No name found) -- C:\USERS\KAMIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHD92U2B.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI

[2011-12-09 14:53:56 | 000,003,941 | ---- | M] () (No name found) -- C:\USERS\KAMIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHD92U2B.DEFAULT\EXTENSIONS\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}.XPI

[2012-03-23 19:09:25 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\KAMIL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KHD92U2B.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI

[2012-06-21 13:50:25 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012-06-21 13:50:21 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml

[2012-06-21 13:50:21 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml

[2012-06-21 13:50:21 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml

[2012-06-21 13:50:21 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml

[2012-06-21 13:50:21 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml

[2012-06-21 13:50:21 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

 

O1 HOSTS File: ([2012-06-14 12:45:18 | 000,000,927 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 genuine.microsoft.com

O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com

O1 - Hosts: 127.0.0.1 sls.microsoft.com

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (BHO Class) - {DD92DE22-ED91-4560-B788-DEE2B26612E6} - C:\Program Files\DeviceVM\Browser Configuration Utility\IEHelper.dll (DeviceVM, Inc.)

O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

O4 - HKLM..\Run: [bCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] E:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [P17RunE] C:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKCU..\Run: [sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)

O4 - HKCU..\Run: [steam] E:\Program Files\Steam\Steam.exe (Valve Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kamil\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.30.129.149 217.30.137.200

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85B649D2-5B8F-4638-8B1D-787B35FF1023}: DhcpNameServer = 217.30.129.149 217.30.137.200

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2011-07-23 11:13:46 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2009-09-15 00:52:49 | 000,000,050 | R--- | M] () - J:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{03832a4c-4782-11e1-9701-00241ddb25e7}\Shell - "" = AutoRun

O33 - MountPoints2\{03832a4c-4782-11e1-9701-00241ddb25e7}\Shell\AutoRun\command - "" = L:\Startme.exe

O33 - MountPoints2\{1744f119-2117-11e1-b28e-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{1744f119-2117-11e1-b28e-806e6f6e6963}\Shell\AutoRun\command - "" = J:\Launcher.exe -- [2009-09-22 16:02:07 | 001,668,472 | R--- | M] (Gearbox Software)

O33 - MountPoints2\{d4067440-2246-11e1-b370-00241ddb25e7}\Shell - "" = AutoRun

O33 - MountPoints2\{d4067440-2246-11e1-b370-00241ddb25e7}\Shell\AutoRun\command - "" = K:\Install.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012-07-13 19:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012-07-13 19:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle

[2012-07-13 19:38:01 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012-07-13 19:38:01 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012-07-13 19:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2012-07-13 18:00:39 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Malwarebytes

[2012-07-13 18:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012-07-13 18:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012-07-13 18:00:19 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2012-07-13 18:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012-07-12 06:12:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012-07-12 06:12:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012-07-12 06:12:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2012-07-12 06:12:05 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012-07-12 06:12:05 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012-07-12 06:12:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012-07-12 06:12:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012-07-12 06:11:00 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2012-07-12 05:48:17 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll

[2012-07-12 05:48:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2012-07-12 05:48:09 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll

[2012-07-10 16:48:03 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe

[2012-07-10 16:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

[2012-07-10 16:40:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2012-07-10 16:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2012-07-02 10:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

[2012-06-26 16:34:24 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\minecraft

[2012-06-24 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\Chromium

[2012-06-24 12:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth

[2012-06-24 12:42:12 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\Heroes of Newerth

[2012-06-24 12:42:12 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth

[2012-06-23 08:17:30 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2012-06-23 08:17:30 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2012-06-23 08:17:18 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2012-06-23 08:17:18 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2012-06-23 08:17:18 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2012-06-23 08:17:12 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2012-06-23 08:17:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2012-06-14 22:31:26 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\{356A951C-0F49-4EA8-B5A5-14BC8131D38D}

[2012-06-14 22:31:12 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\{211B92B5-8DD5-4619-A5F3-0C2489FC3E36}

[2012-06-14 07:51:23 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll

[2012-06-14 07:51:22 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll

[2012-06-14 07:51:22 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe

[2012-06-14 07:51:08 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll

 

========== Files - Modified Within 30 Days ==========

 

[2012-07-13 19:51:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012-07-13 19:45:13 | 000,697,674 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2012-07-13 19:45:13 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012-07-13 19:45:13 | 000,134,784 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2012-07-13 19:45:13 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012-07-13 19:37:45 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2012-07-13 19:37:45 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2012-07-13 19:35:08 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012-07-13 19:35:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012-07-13 19:34:56 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys

[2012-07-13 19:33:59 | 000,016,864 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012-07-13 19:33:59 | 000,016,864 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012-07-13 19:29:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012-07-13 18:00:20 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012-07-12 16:51:12 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012-07-12 16:51:12 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2012-07-12 16:27:18 | 000,409,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012-07-09 07:33:15 | 224,110,094 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2012-07-06 13:51:06 | 001,365,504 | ---- | M] () -- C:\Users\Kamil\Desktop\Bez tytułu.png

[2012-07-05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012-07-05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012-07-05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2012-07-04 10:48:17 | 000,001,050 | ---- | M] () -- C:\Users\Kamil\Desktop\azis hop — skrót.lnk

[2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2012-06-25 11:28:45 | 000,024,624 | ---- | M] () -- C:\Users\Kamil\Desktop\projekt wyspy.h3m

[2012-06-24 12:42:13 | 000,000,792 | ---- | M] () -- C:\Users\Kamil\Desktop\Heroes of Newerth.lnk

[2012-06-24 11:38:56 | 000,032,660 | ---- | M] () -- C:\Users\Kamil\Documents\godło-Rosji.jpg

[2012-06-16 14:39:45 | 000,000,000 | ---- | M] () -- C:\Users\Kamil\Desktop\Minecraft_Server.exe

[2012-06-14 12:45:18 | 000,000,927 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

 

========== Files Created - No Company Name ==========

 

[2012-07-13 18:00:20 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012-07-09 07:33:15 | 224,110,094 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2012-07-04 10:48:17 | 000,001,050 | ---- | C] () -- C:\Users\Kamil\Desktop\azis hop — skrót.lnk

[2012-06-25 11:28:45 | 000,024,624 | ---- | C] () -- C:\Users\Kamil\Desktop\projekt wyspy.h3m

[2012-06-24 12:42:13 | 000,000,792 | ---- | C] () -- C:\Users\Kamil\Desktop\Heroes of Newerth.lnk

[2012-06-24 11:38:54 | 000,032,660 | ---- | C] () -- C:\Users\Kamil\Documents\godło-Rosji.jpg

[2012-06-16 14:39:45 | 000,000,000 | ---- | C] () -- C:\Users\Kamil\Desktop\Minecraft_Server.exe

[2012-06-11 20:27:24 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe

[2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe

[2012-03-10 10:30:55 | 000,143,068 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2012-02-15 20:21:31 | 000,000,297 | ---- | C] () -- C:\Windows\SIERRA.INI

[2011-12-30 16:22:50 | 000,119,686 | ---- | C] () -- C:\Users\Kamil\nfsw007.jpg

[2011-12-30 16:22:50 | 000,116,363 | ---- | C] () -- C:\Users\Kamil\nfsw006.jpg

[2011-12-30 16:22:50 | 000,107,152 | ---- | C] () -- C:\Users\Kamil\nfsw008.jpg

[2011-12-09 17:04:42 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2011-12-09 17:04:33 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2011-12-09 17:04:33 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2011-12-09 17:04:33 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2011-12-08 00:35:33 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL

[2011-12-08 00:35:33 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL

[2011-12-07 23:41:19 | 000,080,488 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011-12-07 23:33:47 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

[2010-11-21 04:32:44 | 000,697,674 | ---- | C] () -- C:\Windows\System32\perfh015.dat

[2010-11-21 04:32:44 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat

[2010-11-21 04:32:44 | 000,134,784 | ---- | C] () -- C:\Windows\System32\perfc015.dat

[2010-11-21 04:32:44 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat

[2010-11-20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe

[2010-11-20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

 

< End of report >

 

 

 

 

to tyle w razie problemow czekam na rozwiazanie.

[Landuss]

Logi wstawia się opcją załączniki tak jak to wcześniej zrobiłeś a nie do posta. Infekcja usunięta i powinno być po problemie. Przejdź do finalizacji tematu:

 

1. Użyj opcji Sprzątanie z OTL.

 

2. Opróżnij folder przywracania systemu: KLIK

 

3. Zaktualizuj Jave do najnowszej wersji: KLIK

 

4. Dla bezpieczeństwa zmień hasła logowania do serwisów w sieci.

[Asatero]

Dziękuję za wszystko i pozdrawiam