Aktualny czas: 19-04-2014, 20:34 Logowanie | Rejestracja


Odpowiedz
usuniecie dodatku 22apple
22-03-2013, 12:04
Post #1
CoolTT
Zarejestrowani

Dołączył:22-03-2013
Posty:7
podczas instalowania utorrent zainstaliowało mi jakis dodatek "22apple"

Podczas uruchamiania google chrome włącza sie od razu strona 22apple.Szukałem w panelu sterowania programu zeby go odinstalowac ale nie znalazłem.W ustawieniach przegladarki znalazłem to w rozszezreniach,usunąłem to ale nadal wyskakuje ta strona przy starcie systemu.Zmieniłem strone startową i nadal nic.



strona która sie ładuje przy starcie przeglądarki to :

http://www.22apple.com/?utm_source=b&utm...1363944930




nie mam pojęcia jak to odinstalować


OTL:
OTL logfile created on: 2013-03-22 12:23:28 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kamil\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,92 Gb Available Physical Memory | 73,98% Memory free
16,00 Gb Paging File | 13,60 Gb Available in Paging File | 85,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 46,17 Gb Free Space | 47,32% Space Free | Partition Type: NTFS
Drive D: | 600,97 Gb Total Space | 402,89 Gb Free Space | 67,04% Space Free | Partition Type: NTFS

Computer Name: KAMIL-KOMPUTER | User Name: Kamil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-03-22 10:35:25 | 001,037,648 | ---- | M] (BitTorrent Inc.) -- D:\utorrent\uTorrent.exe
PRC - [2013-03-21 08:26:41 | 000,154,176 | ---- | M] (GG Network S.A.) -- C:\Users\Kamil\AppData\Local\GG\Application\ggapp.exe
PRC - [2013-03-11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-02-27 10:43:20 | 003,234,368 | ---- | M] (GG Network S.A.) -- C:\Users\Kamil\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2013-02-27 10:43:18 | 003,381,824 | ---- | M] (GG Network S.A.) -- C:\Users\Kamil\AppData\Local\GG\Application\gghub.exe
PRC - [2013-02-20 15:28:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\OTL.exe
PRC - [2013-02-19 11:18:05 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013-02-19 11:18:05 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2012-12-24 12:21:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-10-23 09:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010-12-29 15:42:40 | 002,622,464 | ---- | M] () -- C:\Program Files (x86)\Rapoo\9200\9200_Mouse.exe


========== Modules (No Company Name) ==========

MOD - [2013-03-21 08:26:42 | 001,945,600 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2013-03-11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
MOD - [2013-03-11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013-03-11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013-03-11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013-03-11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013-03-11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013-02-27 10:43:20 | 009,816,192 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2013-02-27 10:43:20 | 000,135,168 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GG\Application\ggdrive\zlib1.dll
MOD - [2013-02-19 11:18:05 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013-02-19 11:18:05 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2012-12-03 11:36:01 | 000,107,520 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
MOD - [2010-12-29 15:42:40 | 002,622,464 | ---- | M] () -- C:\Program Files (x86)\Rapoo\9200\9200_Mouse.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011-07-28 17:43:58 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-02-19 11:18:05 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2012-12-24 12:21:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-12-03 11:37:38 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-02-19 11:18:05 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012-12-03 11:35:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-08-28 13:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-05-20 19:16:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-05-20 18:59:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-05-20 18:59:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-03-14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012-03-14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012-03-14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012-01-17 13:45:58 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011-06-24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011-06-18 10:38:10 | 003,223,040 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2011-06-10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010-12-01 08:52:58 | 000,028,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rp24msdrv.sys -- (rp24msdrv)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-06-16 22:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerm...ORM=IE8SRC
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.22apple.com/search/web/?q={se...1363944942
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{43E7DC72-8A82-4ECB-810E-4D95E0F91432}: "URL" = http://websearch.ask.com/redirect?client...0E12627A06
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B92C0...2012-12-27 00:30:06&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-19 11:18:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-12-06 18:44:22 | 000,000,000 | ---D | M]

[2013-03-11 12:49:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:sea​rchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Dysk Google = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Onet.pl AutoUpdate] "C:\Program Files (x86)\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexe File not found
O4 - HKLM..\Run: [Rapoo 9200] C:\Program Files (x86)\Rapoo\9200\9200_Mouse.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000..\Run: [ChomikBox] D:\chomik\chomikbox.exe ( )
O4 - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000..\Run: [GG] C:\Users\Kamil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/sh...wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BBDD4137-4818-4A1B-857C-9BD3452F4F3B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8e8bad55-3d29-11e2-a26f-8c89a5817067}\Shell - "" = AutoRun
O33 - MountPoints2\{8e8bad55-3d29-11e2-a26f-8c89a5817067}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-03-22 11:12:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013-03-22 10:33:36 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\uTorrent
[2013-03-21 20:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2013-03-21 18:30:10 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\SniperV2
[2013-03-21 15:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebellion
[2013-03-21 11:38:05 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.gstreamer-0.10
[2013-03-21 11:36:32 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\ChomikBox
[2013-03-21 11:36:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
[2013-03-21 08:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2013-03-20 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\SKIDROW
[2013-03-20 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\Remedy
[2013-03-20 11:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remedy Entertainment
[2013-03-14 00:44:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-03-14 00:44:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-03-14 00:44:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-03-14 00:44:48 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-03-14 00:44:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-03-14 00:44:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-03-14 00:44:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-03-14 00:44:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-03-14 00:44:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-03-14 00:44:43 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-03-14 00:44:43 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-03-14 00:44:41 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-03-14 00:44:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-03-14 00:44:33 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-03-14 00:44:32 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-03-12 19:55:39 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\WB Games
[2013-03-11 19:47:47 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\ana
[2013-03-11 12:52:27 | 000,000,000 | --SD | C] -- C:\Users\Kamil\GG dysk
[2013-03-11 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Mozilla
[2013-03-11 12:49:02 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\GG
[2013-03-11 12:48:51 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\GG
[2013-03-02 10:21:09 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\Version Cue
[2013-03-02 10:21:09 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\AdobeStockPhotos
[2013-03-02 10:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2013-03-01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Milestone
[2013-03-01 16:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WRC 3
[2013-02-22 10:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2013-02-22 10:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013-02-22 10:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapoo
[2013-02-22 10:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rapoo
[2013-02-22 10:26:45 | 000,058,536 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2013-02-22 10:25:30 | 000,000,000 | ---D | C] -- C:\AMD
[2013-02-22 10:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2013-02-22 10:19:59 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\Portable.Driver.Genius.Professional.v12.0.0.1211
[2013-02-21 18:58:22 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\DisneyInteractiveStudios
[2013-02-20 15:28:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kamil\Desktop\OTL.exe

========== Files - Modified Within 30 Days ==========

[2013-03-22 11:53:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-03-22 11:40:52 | 000,149,006 | ---- | M] () -- C:\Users\Kamil\Desktop\Bez tytułu.jpg
[2013-03-22 10:35:41 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2013-03-22 10:35:25 | 000,000,520 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-03-22 09:53:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-03-22 08:37:55 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-22 08:37:55 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-22 08:34:52 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-03-22 08:34:52 | 000,737,942 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-03-22 08:34:52 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-03-22 08:34:52 | 000,154,630 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-03-22 08:34:52 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-03-22 08:30:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-22 08:30:28 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-20 20:24:17 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2013-03-20 14:13:12 | 000,073,269 | ---- | M] () -- C:\Users\Kamil\Desktop\solmyr_by_bonefletcher.psd
[2013-03-20 13:05:43 | 000,001,670 | ---- | M] () -- C:\Users\Kamil\Desktop\cstrike.exe — skrót.lnk
[2013-03-20 11:21:02 | 000,000,601 | ---- | M] () -- C:\Users\Public\Desktop\Alan Wake.lnk
[2013-03-16 07:59:42 | 002,216,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-03-11 15:06:51 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013-03-11 12:49:05 | 000,001,103 | ---- | M] () -- C:\Users\Kamil\Desktop\GG.lnk
[2013-02-22 10:31:25 | 000,016,220 | ---- | M] () -- C:\Windows\unins000.dat
[2013-02-22 10:30:50 | 001,478,609 | ---- | M] () -- C:\Windows\unins000.exe
[2013-02-20 15:28:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2013-03-22 11:40:52 | 000,149,006 | ---- | C] () -- C:\Users\Kamil\Desktop\Bez tytułu.jpg
[2013-03-22 10:35:41 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2013-03-22 10:35:25 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-03-20 13:05:46 | 000,001,670 | ---- | C] () -- C:\Users\Kamil\Desktop\cstrike.exe — skrót.lnk
[2013-03-20 11:21:02 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Alan Wake.lnk
[2013-03-15 10:41:11 | 000,073,269 | ---- | C] () -- C:\Users\Kamil\Desktop\solmyr_by_bonefletcher.psd
[2013-03-11 15:06:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013-03-11 15:06:51 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013-03-11 12:49:05 | 000,001,103 | ---- | C] () -- C:\Users\Kamil\Desktop\GG.lnk
[2013-03-11 12:49:01 | 000,001,111 | ---- | C] () -- C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2013-02-22 10:31:05 | 000,028,416 | ---- | C] () -- C:\Windows\SysNative\drivers\rp24msdrv.sys
[2013-02-22 10:31:04 | 001,478,609 | ---- | C] () -- C:\Windows\unins000.exe
[2013-02-22 10:31:04 | 000,016,220 | ---- | C] () -- C:\Windows\unins000.dat
[2012-12-26 14:01:33 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-12-24 12:21:52 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-12-24 12:21:49 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-10-01 06:17:22 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012-09-29 23:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2012-09-25 06:30:54 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012-09-25 06:30:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012-09-25 06:29:20 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012-09-25 06:29:00 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012-09-25 06:29:00 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012-09-25 06:29:00 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012-09-25 06:28:58 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012-09-25 06:28:58 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012-09-25 06:28:58 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012-07-19 19:56:08 | 000,172,544 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012-07-19 19:56:02 | 006,894,331 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012-07-19 19:56:02 | 001,111,581 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012-07-19 19:56:02 | 000,401,685 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012-07-19 19:56:02 | 000,232,895 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012-07-19 19:56:02 | 000,162,743 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012-07-19 19:56:02 | 000,101,820 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-0.dll
[2011-12-07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011-09-08 15:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011-09-08 15:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011-09-08 15:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011-09-08 15:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011-09-08 15:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011-09-08 15:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011-09-08 15:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011-09-08 15:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011-09-08 14:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011-09-08 14:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011-06-24 04:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-06-24 04:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-02-04 12:36:59 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Atari
[2013-02-05 14:43:40 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\AutoUpdate
[2012-12-04 09:42:50 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\DAEMON Tools Pro
[2013-02-21 18:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\DisneyInteractiveStudios
[2013-01-31 20:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\dll-files.com
[2013-01-31 15:56:26 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Doublefine
[2013-03-22 08:30:55 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\GG
[2013-01-03 13:56:24 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\HideIPEasy
[2013-03-13 13:02:07 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Kamerzysta
[2013-03-01 18:06:29 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Milestone
[2013-02-16 10:26:50 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Origin
[2012-12-01 14:34:05 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Techland
[2013-01-12 17:18:17 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\TS3Client
[2013-03-22 12:27:21 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\uTorrent
[2013-02-08 17:49:56 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Warner Bros. Interactive Entertainment
[2013-03-12 19:55:39 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\WB Games

========== Purity Check ==========



< End of report >
Ten post był ostatnio modyfikowany: 22-03-2013 o 12:33 przez CoolTT.
Odpowiedz cytując ten post
22-03-2013, 12:50
Post #2
DIPPY16
Zarejestrowani

Dołączył:17-02-2013
Posty:59
Cóż prócz logów natrafiłem też na pewien program który może poradzić sobie z tym a mianowicie:

http://www.dobreprogramy.pl/AdwCleaner,Program,Windows,38865.html
Odpowiedz cytując ten post
22-03-2013, 14:22
Post #3
kermel
Administratorzy

Dołączył:17-07-2012
Skąd:Rybnik
Posty:3 167
Co to ma wspólnego z "Siecią"?

@CoolTT - rejestrując się zaakceptowałeś regulamin, więc przestrzegaj go. Jest ściśle określone jak prezentować logi. Zapoznaj się też z zasadami działu Rodzina Windows, bo tam domyślnie ląduje temat. Głównie popatrz na ustawienia skanowania OTL'a, bo tu jest potrzebny więcej niż jeden raport.

@DIPPY16 - jeśli podajesz link do programu, to podawaj bezpośrednio stronę producenta, nie poboczne strony. Za chwilę będzie następny problem z toolbarem od AVG, który dobreprogramy sprytnie próbują przemycić w swoim menadżerze pobierania. Tak, jest opcja bezpośredniego linku, ale osoby niewprawione niekoniecznie mogą ją zauważyć w tle wielkiego "Pobierz".
Ten post był ostatnio modyfikowany: 22-03-2013 o 14:23 przez kermel.

Wstawiam, bo niektórzy zbyt często wagarowali/wagarują na j.polskim, a i książek na oczy chyba nie widzieli. 1 / 2
Odwiedź stronę użytkownika
Odpowiedz cytując ten post
22-03-2013, 14:52
Post #4
CoolTT
Zarejestrowani

Dołączył:22-03-2013
Posty:7
Przepraszam za pomyłke,postaram sie już nie popełniać takich gaf

OTL:

OTL logfile created on: 2013-03-22 14:41:35 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kamil\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,81 Gb Available Physical Memory | 72,69% Memory free
16,00 Gb Paging File | 13,59 Gb Available in Paging File | 84,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 46,15 Gb Free Space | 47,30% Space Free | Partition Type: NTFS
Drive D: | 600,97 Gb Total Space | 402,88 Gb Free Space | 67,04% Space Free | Partition Type: NTFS

Computer Name: KAMIL-KOMPUTER | User Name: Kamil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-03-22 10:35:25 | 001,037,648 | ---- | M] (BitTorrent Inc.) -- D:\utorrent\uTorrent.exe
PRC - [2013-03-21 08:26:41 | 000,154,176 | ---- | M] (GG Network S.A.) -- C:\Users\Kamil\AppData\Local\GG\Application\ggapp.exe
PRC - [2013-03-11 01:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-02-27 10:43:20 | 003,234,368 | ---- | M] (GG Network S.A.) -- C:\Users\Kamil\AppData\Local\GG\Application\ggdrive\ggdrive.exe
PRC - [2013-02-27 10:43:18 | 003,381,824 | ---- | M] (GG Network S.A.) -- C:\Users\Kamil\AppData\Local\GG\Application\gghub.exe
PRC - [2013-02-20 15:28:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\OTL.exe
PRC - [2013-02-19 11:18:05 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013-02-19 11:18:05 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2012-12-24 12:21:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012-10-23 09:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010-12-29 15:42:40 | 002,622,464 | ---- | M] () -- C:\Program Files (x86)\Rapoo\9200\9200_Mouse.exe


========== Modules (No Company Name) ==========

MOD - [2013-03-21 08:26:42 | 001,945,600 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GG\Application\xulrunner\mozjs.dll
MOD - [2013-03-11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
MOD - [2013-03-11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013-03-11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013-03-11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013-03-11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013-03-11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013-02-27 10:43:20 | 009,816,192 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GG\Application\FMSBWChecker\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
MOD - [2013-02-27 10:43:20 | 000,135,168 | ---- | M] () -- C:\Users\Kamil\AppData\Local\GG\Application\ggdrive\zlib1.dll
MOD - [2013-02-19 11:18:05 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013-02-19 11:18:05 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013-01-24 12:16:54 | 001,050,112 | ---- | M] () -- c:\progra~2\browse~1\sprote~1.dll
MOD - [2012-12-03 11:36:01 | 000,107,520 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
MOD - [2010-12-29 15:42:40 | 002,622,464 | ---- | M] () -- C:\Program Files (x86)\Rapoo\9200\9200_Mouse.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2011-07-28 17:43:58 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-02-19 11:18:05 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2012-12-24 12:21:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012-12-03 11:37:38 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012-10-10 21:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-10-02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-07-13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013-02-19 11:18:05 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012-12-03 11:35:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012-08-28 13:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012-05-20 19:16:58 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-05-20 18:59:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012-05-20 18:59:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012-03-14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012-03-14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012-03-14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012-01-17 13:45:58 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011-06-24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011-06-18 10:38:10 | 003,223,040 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2011-06-10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010-12-01 08:52:58 | 000,028,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rp24msdrv.sys -- (rp24msdrv)
DRV:64bit: - [2010-11-21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-06-16 22:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.22apple.com/newtab?utm_source...1363944939
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerm...ORM=IE8SRC
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.22apple.com/search/web/?q={se...1363944942
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{43E7DC72-8A82-4ECB-810E-4D95E0F91432}: "URL" = http://websearch.ask.com/redirect?client...0E12627A06
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={B92C0...2012-12-27 00:30:06&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-19 11:18:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-12-06 18:44:22 | 000,000,000 | ---D | M]

[2013-03-11 12:49:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kamil\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - homepage: http://www.google.pl/
CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Onet.pl AutoUpdate] "C:\Program Files (x86)\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexe File not found
O4 - HKLM..\Run: [Rapoo 9200] C:\Program Files (x86)\Rapoo\9200\9200_Mouse.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000..\Run: [ChomikBox] D:\chomik\chomikbox.exe ( )
O4 - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3783779841-4013014695-2269042626-1000..\Run: [GG] C:\Users\Kamil\AppData\Local\GG\Application\gghub.exe (GG Network S.A.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/sh...wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BBDD4137-4818-4A1B-857C-9BD3452F4F3B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\progra~2\browse~1\sprote~1.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8e8bad55-3d29-11e2-a26f-8c89a5817067}\Shell - "" = AutoRun
O33 - MountPoints2\{8e8bad55-3d29-11e2-a26f-8c89a5817067}\Shell\AutoRun\command - "" = G:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013-03-22 14:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave
[2013-03-22 14:21:33 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013-03-22 11:12:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013-03-22 10:33:36 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\uTorrent
[2013-03-21 20:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2013-03-21 18:30:10 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\SniperV2
[2013-03-21 15:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebellion
[2013-03-21 11:38:05 | 000,000,000 | ---D | C] -- C:\Users\Kamil\.gstreamer-0.10
[2013-03-21 11:36:32 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\ChomikBox
[2013-03-21 11:36:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl
[2013-03-21 08:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\GG
[2013-03-20 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\SKIDROW
[2013-03-20 13:22:45 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\Remedy
[2013-03-20 11:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remedy Entertainment
[2013-03-14 00:44:51 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-03-14 00:44:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-03-14 00:44:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-03-14 00:44:48 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-03-14 00:44:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-03-14 00:44:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-03-14 00:44:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-03-14 00:44:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-03-14 00:44:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-03-14 00:44:43 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-03-14 00:44:43 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-03-14 00:44:41 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-03-14 00:44:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-03-14 00:44:33 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-03-14 00:44:32 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-03-12 19:55:39 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\WB Games
[2013-03-11 19:47:47 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\ana
[2013-03-11 12:52:27 | 000,000,000 | --SD | C] -- C:\Users\Kamil\GG dysk
[2013-03-11 12:49:19 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Mozilla
[2013-03-11 12:49:02 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\GG
[2013-03-11 12:48:51 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Local\GG
[2013-03-02 10:21:09 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\Version Cue
[2013-03-02 10:21:09 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Documents\AdobeStockPhotos
[2013-03-02 10:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2013-03-01 18:06:29 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\Milestone
[2013-03-01 16:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WRC 3
[2013-02-22 10:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2013-02-22 10:42:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2013-02-22 10:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapoo
[2013-02-22 10:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rapoo
[2013-02-22 10:26:45 | 000,058,536 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2013-02-22 10:25:30 | 000,000,000 | ---D | C] -- C:\AMD
[2013-02-22 10:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius
[2013-02-22 10:19:59 | 000,000,000 | ---D | C] -- C:\Users\Kamil\Desktop\Portable.Driver.Genius.Professional.v12.0.0.1211
[2013-02-21 18:58:22 | 000,000,000 | ---D | C] -- C:\Users\Kamil\AppData\Roaming\DisneyInteractiveStudios
[2013-02-20 15:28:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kamil\Desktop\OTL.exe

========== Files - Modified Within 30 Days ==========

[2013-03-22 13:53:01 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-03-22 10:35:41 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2013-03-22 10:35:25 | 000,000,520 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-03-22 09:53:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-03-22 08:37:55 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-03-22 08:37:55 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-03-22 08:34:52 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-03-22 08:34:52 | 000,737,942 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-03-22 08:34:52 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-03-22 08:34:52 | 000,154,630 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-03-22 08:34:52 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-03-22 08:30:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-03-22 08:30:28 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2013-03-20 20:24:17 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2013-03-20 14:13:12 | 000,073,269 | ---- | M] () -- C:\Users\Kamil\Desktop\solmyr_by_bonefletcher.psd
[2013-03-20 13:05:43 | 000,001,670 | ---- | M] () -- C:\Users\Kamil\Desktop\cstrike.exe — skrót.lnk
[2013-03-20 11:21:02 | 000,000,601 | ---- | M] () -- C:\Users\Public\Desktop\Alan Wake.lnk
[2013-03-16 07:59:42 | 002,216,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-03-11 15:06:51 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013-03-11 12:49:05 | 000,001,103 | ---- | M] () -- C:\Users\Kamil\Desktop\GG.lnk
[2013-02-22 10:31:25 | 000,016,220 | ---- | M] () -- C:\Windows\unins000.dat
[2013-02-22 10:30:50 | 001,478,609 | ---- | M] () -- C:\Windows\unins000.exe
[2013-02-20 15:28:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kamil\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2013-03-22 10:35:41 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2013-03-22 10:35:25 | 000,000,520 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013-03-20 13:05:46 | 000,001,670 | ---- | C] () -- C:\Users\Kamil\Desktop\cstrike.exe — skrót.lnk
[2013-03-20 11:21:02 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Alan Wake.lnk
[2013-03-15 10:41:11 | 000,073,269 | ---- | C] () -- C:\Users\Kamil\Desktop\solmyr_by_bonefletcher.psd
[2013-03-11 15:06:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013-03-11 15:06:51 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013-03-11 12:49:05 | 000,001,103 | ---- | C] () -- C:\Users\Kamil\Desktop\GG.lnk
[2013-03-11 12:49:01 | 000,001,111 | ---- | C] () -- C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GG.lnk
[2013-02-22 10:31:05 | 000,028,416 | ---- | C] () -- C:\Windows\SysNative\drivers\rp24msdrv.sys
[2013-02-22 10:31:04 | 001,478,609 | ---- | C] () -- C:\Windows\unins000.exe
[2013-02-22 10:31:04 | 000,016,220 | ---- | C] () -- C:\Windows\unins000.dat
[2012-12-26 14:01:33 | 001,638,614 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012-12-24 12:21:52 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-12-24 12:21:49 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012-10-01 06:17:22 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2012-09-29 23:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2012-09-25 06:30:54 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012-09-25 06:30:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012-09-25 06:29:20 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012-09-25 06:29:00 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012-09-25 06:29:00 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012-09-25 06:29:00 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012-09-25 06:28:58 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012-09-25 06:28:58 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012-09-25 06:28:58 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012-07-19 19:56:08 | 000,172,544 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012-07-19 19:56:02 | 006,894,331 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012-07-19 19:56:02 | 001,111,581 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012-07-19 19:56:02 | 000,401,685 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012-07-19 19:56:02 | 000,232,895 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll
[2012-07-19 19:56:02 | 000,162,743 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012-07-19 19:56:02 | 000,101,820 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-0.dll
[2011-12-07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011-09-08 15:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011-09-08 15:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011-09-08 15:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011-09-08 15:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011-09-08 15:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011-09-08 15:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011-09-08 15:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011-09-08 15:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011-09-08 14:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011-09-08 14:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011-07-28 17:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011-06-24 04:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-06-24 04:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013-02-04 12:36:59 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Atari
[2013-02-05 14:43:40 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\AutoUpdate
[2012-12-04 09:42:50 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\DAEMON Tools Pro
[2013-02-21 18:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\DisneyInteractiveStudios
[2013-01-31 20:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\dll-files.com
[2013-01-31 15:56:26 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Doublefine
[2013-03-22 08:30:55 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\GG
[2013-01-03 13:56:24 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\HideIPEasy
[2013-03-13 13:02:07 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Kamerzysta
[2013-03-01 18:06:29 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Milestone
[2013-02-16 10:26:50 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Origin
[2012-12-01 14:34:05 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Techland
[2013-01-12 17:18:17 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\TS3Client
[2013-03-22 14:49:47 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\uTorrent
[2013-02-08 17:49:56 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\Warner Bros. Interactive Entertainment
[2013-03-12 19:55:39 | 000,000,000 | ---D | M] -- C:\Users\Kamil\AppData\Roaming\WB Games

========== Purity Check ==========



< End of report >



extras:
OTL Extras logfile created on: 2013-03-22 14:41:35 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kamil\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

8,00 Gb Total Physical Memory | 5,81 Gb Available Physical Memory | 72,69% Memory free
16,00 Gb Paging File | 13,59 Gb Available in Paging File | 84,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 46,15 Gb Free Space | 47,30% Space Free | Partition Type: NTFS
Drive D: | 600,97 Gb Total Space | 402,88 Gb Free Space | 67,04% Space Free | Partition Type: NTFS

Computer Name: KAMIL-KOMPUTER | User Name: Kamil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ChomikBox.Upload] -- "D:\chomik\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ChomikBox.Upload] -- "D:\chomik\\ChomikBox.exe" -u"%1" ( )
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03786895-DB39-4F5D-B7FE-5E5CFF7E8D48}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{121B68AA-5BC0-4E61-ACDD-BD87AE519E63}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1D5A7A97-FE05-4306-8CB2-06DBE51983E9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1E7CF6B1-04C4-42E3-B9A2-6983523BC748}" = rport=139 | protocol=6 | dir=out | app=system |
"{213FCC80-0F1E-450D-BD4E-82969FE8B739}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2349A26D-79B9-45DC-B514-CA78C0F0C688}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2473F574-E08B-4BF7-9B93-C31C8DC2CD76}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{24FC3308-62E4-4A0B-A038-F776ABDB13CB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{250C5951-C642-4D85-ABF7-96581204D422}" = lport=138 | protocol=17 | dir=in | app=system |
"{2631F943-6441-4870-849D-ADC36BC7C140}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2B18AA0D-4D70-4635-8FC8-69C65232A1B2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{2F0A7DF1-94D1-4C01-BB72-2E193C869D0C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{35BD4A70-0C0A-4DF9-8238-951AAC166E23}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{38DE2535-195C-4E7C-84B2-48432F0C592A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{475C44D4-1E56-49B3-9DB0-5CA56BAFED11}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{47AE880F-7A32-4FF1-9282-4233A06C16C1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{47B2BF22-126B-4A15-9572-1D02C3618DA0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4846017C-AFA9-41C3-988C-08A97EE9A9F7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{48852BCF-E459-45F9-B7A0-72B97A801210}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4A85AFA9-A64B-4247-9C40-51C1DA8D2D6E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{542DB7BD-01F3-4E04-9EA9-9908580FF9A3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5B40852B-B5BF-414B-9D5B-01A469571D5E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5D607991-373B-4FB3-8567-19B5802AC2D7}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{61ABF79F-A566-4E66-8E8D-5DBF38025EFF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{62A17B4A-34BF-4548-AE8D-2EC9899DE355}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{64C72C68-6D1E-4468-B721-1BB32ED2917A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6A44DBEE-8976-415A-8E5C-DAF341918558}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6EBE5E05-A0C7-42C5-B171-F7A88B2B9FF4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6FCA85E5-511F-4736-BB99-70A0CD0B4365}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{73CB1B07-DEBD-4B83-ADEF-89B3E4A59155}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{74675D51-0CEE-4425-B8B7-37CD1595B4E8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{75912587-A2C9-497F-A9B6-72C10F3F810F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{775441CB-678E-4CAA-89AF-F031BA7E04FB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{791A6241-DF2E-42AD-8B07-10114F4168DC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7F418809-CE36-4F6B-8B3C-66F4D1C6B0F7}" = rport=137 | protocol=17 | dir=out | app=system |
"{80AD086A-6FB3-41E0-96F5-5B37E69BFCF9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{82FAE88F-775A-48A3-84B3-D4FEC2B8F86F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{85C72CCB-6A04-48DE-BB38-61BEAED7ED08}" = lport=139 | protocol=6 | dir=in | app=system |
"{870BBE2A-CD27-4AF6-865C-E1A4BD8ECCE3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{88997B91-2EBA-4FB7-AF03-1D766C4702FB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8E672FEE-6DEA-4B13-A910-D2B15C53FC72}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{8FC9E495-561A-4461-AE18-15E9B675783A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{903F5B8C-C8A7-49DD-974F-9BCCBEF85A41}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{929CA215-23FF-43BA-BF69-F85EC1BA53E1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{93F2F275-49DF-46F2-9A84-56D429745A76}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{940FD5F5-5AC3-4224-9CF0-9C2D098C0BAB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{942D4A56-8280-4364-A0A6-17FA890602AD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B7731E09-3FE3-46FB-A05D-D3F04C78C3F3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BB5908B7-1523-466D-A04B-23FAC98D5FEE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BC995B88-28CA-4D20-9A3F-043D4F4E7326}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BE02311F-C299-4DC9-A62F-620D976ACDD1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{C3592564-2C7B-4A34-9E37-17F77EDECEF9}" = rport=138 | protocol=17 | dir=out | app=system |
"{C4F0648F-E437-48B8-8E8E-1B6E9E7423F1}" = rport=445 | protocol=6 | dir=out | app=system |
"{C6652BDA-49CA-4F26-9018-50DF27824DAB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CA257D94-724B-44C2-BE36-B74A4D4952EF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CBFC21DF-8ACB-4F1F-9862-D149A5B22B4E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D4F7F039-D529-4ECB-9FC3-3823E5B2FEFD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{D756F241-2490-4030-A942-C69F3C0D3E5E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DA2CDBD8-7AB5-4A74-8F83-3EE05C356F3C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DDF35BC8-34B1-46AA-946E-495FD57560E3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E47CE7BF-40E0-44E1-9790-199B9AAE9E8A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E49FB30A-0868-4AE2-A0DB-FA77E6BC6EC2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F3EBAE4E-392B-4B10-BF82-93A38C9E76F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F6668CE2-8112-49A1-8CA0-7B19F1C579EF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{F9A03D25-47E7-4E9F-81F2-0D0FEA9355E1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{FB6D2316-C6F7-42F5-B8F8-D311B5D4F918}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{FB954B0A-5D07-424E-97E8-53D4CA80D8C7}" = lport=137 | protocol=17 | dir=in | app=system |
"{FBEADB77-C78E-425D-824D-BACD75565A2C}" = lport=445 | protocol=6 | dir=in | app=system |
"{FC0669C8-6676-4591-89FD-5CD53B0232D5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{FD762EBF-12A6-433D-B5BD-EE9E202C0943}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{061F1D7A-002A-4719-BCC6-E52D0E2C3156}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{06E11B58-7FDB-4064-BDF8-877AE2C52C61}" = protocol=17 | dir=in | app=d:\tenis\vt4.exe |
"{0A7BA1E0-0A6F-4561-A3CB-16268C56AB22}" = protocol=6 | dir=in | app=d:\farcry 3\bin\fc3editor.exe |
"{116194D7-B908-4A79-8894-5DBCEF2926BA}" = protocol=17 | dir=in | app=d:\farcry 3\bin\farcry3.exe |
"{1798326F-733B-44D8-915A-A14B1E04C4B0}" = protocol=17 | dir=in | app=d:\farcry 3\bin\fc3updater.exe |
"{1CF81C3A-5AE3-436B-8796-4C7DEB904DF4}" = protocol=17 | dir=in | app=d:\farcry 3\bin\fc3editor.exe |
"{2252C67E-9FEF-48DF-B1F1-F4C36835B3A3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2BB6617E-7451-4859-99B5-03E9CF333257}" = protocol=6 | dir=in | app=d:\farcry 3\bin\fc3updater.exe |
"{3F7F4028-435B-4630-B6AA-79342447B6D6}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{45897EBB-EC9D-44FA-812F-F63378FA184D}" = protocol=6 | dir=in | app=d:\tenis\vt4.exe |
"{465FE6C8-695D-4CC3-AACC-C6262784EACD}" = protocol=6 | dir=in | app=d:\farcry 3\bin\farcry3_d3d11.exe |
"{4A9036DC-7996-48D4-B58D-D7A5D38DFC11}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{60FA727A-A18E-490E-9277-221D4B94FECA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6913BDBD-7E70-430E-93C0-9AF55A8C20E8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6B0B3444-8020-468A-88FC-3EDC7F6A9B39}" = protocol=17 | dir=in | app=d:\farcry 3\bin\farcry3_d3d11.exe |
"{77644805-ACB2-453D-B9B1-E6C138A930E1}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\fifa 12\game\fifa.exe |
"{7928198E-EB0B-481A-B43B-9EE8BEF2BE2A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7E75B2DB-3FFD-416F-A67E-BAC2679BAD28}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8C5ED3BC-FF01-4234-B9EB-A0A297D1ED8E}" = protocol=17 | dir=in | app=d:\resident evil 5\raccooncity.exe |
"{95551E74-16DA-40B7-A517-8AF2DC0A0A1F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C3819E08-E351-4C50-9005-BB8A6DCF3592}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{C4ABCB0A-3B10-461F-9C09-BB08D46AD194}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D1BFF85A-5FDD-457F-81CC-E802400BC1D0}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{DF29A496-E7CA-46A8-86A1-B108CCC53576}" = protocol=6 | dir=in | app=d:\farcry 3\bin\farcry3.exe |
"{FC08BE1F-CC7B-437F-A67B-128E5CB22C91}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FF4B1112-9E76-4CA9-8230-BF3F35B29A10}" = protocol=6 | dir=in | app=d:\resident evil 5\raccooncity.exe |
"TCP Query User{17F950BD-2697-4BBB-9765-55EF09460CD4}D:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\hltv.exe" = protocol=6 | dir=in | app=d:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\hltv.exe |
"TCP Query User{484A6685-E9A6-4770-9978-259875FC901E}D:\utorrent\utorrent.exe" = protocol=6 | dir=in | app=d:\utorrent\utorrent.exe |
"TCP Query User{5F735B9D-2154-46B0-98C8-7768D7DA6F0C}D:\sopcast\sopcast.exe" = protocol=6 | dir=in | app=d:\sopcast\sopcast.exe |
"TCP Query User{6A58F326-B52C-490C-924C-E36208EC51F2}D:\konami\pes2013.exe" = protocol=6 | dir=in | app=d:\konami\pes2013.exe |
"TCP Query User{863BDA8E-779C-4D76-8F41-866D77C57DD3}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{A6AF2BB7-52E6-4936-9555-A8193332BBCD}D:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe" = protocol=6 | dir=in | app=d:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe |
"TCP Query User{C646ABC1-A232-44E8-B892-8EFC70FBD174}D:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe" = protocol=6 | dir=in | app=d:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe |
"UDP Query User{135AF25E-218D-404C-A825-7813C83D30A8}D:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\hltv.exe" = protocol=17 | dir=in | app=d:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\hltv.exe |
"UDP Query User{5A7BD80B-2CB2-4D7C-8651-D0B509EA74B4}D:\utorrent\utorrent.exe" = protocol=17 | dir=in | app=d:\utorrent\utorrent.exe |
"UDP Query User{8429EC68-4F03-43F4-8150-CD89DCBCB23B}D:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe" = protocol=17 | dir=in | app=d:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe |
"UDP Query User{8E13C25E-5CEC-4F76-920D-BCB896726225}D:\konami\pes2013.exe" = protocol=17 | dir=in | app=d:\konami\pes2013.exe |
"UDP Query User{9D584703-6183-4636-B024-4632A4AD21DE}D:\sopcast\sopcast.exe" = protocol=17 | dir=in | app=d:\sopcast\sopcast.exe |
"UDP Query User{C1A40E49-CE8E-43F3-80A7-3149317FCFE5}D:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe" = protocol=17 | dir=in | app=d:\pobrane\counter strike 1.6 by -_r3d_bull_-\counter strike 1.6 ns by r3d bull\cstrike.exe |
"UDP Query User{EADB31A0-5896-400F-83B4-2CDDEB813B1A}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10813B5C-D346-C028-5550-220FA31EC809}" = AMD Catalyst Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{32F437DA-BABA-CD62-E342-69FE17FAC771}" = ccc-utility64
"{3C21A4E6-CEDF-4397-A17C-86FDE7C28610}" = BrowseToSave
"{413C3B15-DCB6-4329-77B0-C20A3D9F010F}" = AMD Fuel
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680D2E55-6FCC-4695-8741-3EA13DE4C898}" = ESET NOD32 Antivirus
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8E5DA9A6-7A9F-3A6F-BC5C-D6CBCA6A29C7}" = Microsoft .NET Framework 4 Extended PLK Language Pack
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-bitowy)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener
"{049155CC-5AB3-296F-5815-CD73A9646E99}" = CCC Help Greek
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{08366AE3-72A2-523E-7218-D1B0B8271EBA}" = CCC Help Turkish
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26050F54-3928-4D9C-849A-C48A9E831E6F}" = ChomikBox
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2812B4B3-A412-7785-1964-4D60340E60A9}" = CCC Help French
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{354C5FB7-C8EC-1EC4-BE90-109E048E9C82}" = CCC Help Russian
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{43430FA1-12BB-4D88-862E-4F1000008400}" = Resident Evil: Operation Raccoon City
"{45B3492E-17BF-464E-BD8D-62A3ABF2EA99}_is1" = Karaoke Radio Eska vol. 2
"{462D8F12-355D-5920-9193-25388DA500DA}" = CCC Help Chinese Traditional
"{47491961-C944-4FD9-A023-33C6E724F108}_is1" = Rapoo 9200 Mouse Driver V1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A1C03BB-6A5A-B8F8-F910-6791960DC25C}" = Catalyst Control Center Localization All
"{4BF35375-9076-1169-6452-EC085410DD0E}" = Catalyst Control Center Profiles Mobile
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CC4A295-8204-75C9-6E44-E280E661282B}" = CCC Help Korean
"{4E2EA555-3DAE-4BE1-96BF-6A632ACFE8DE}" = LEGO® Batman™ 2: DC Super Heroes
"{4FD0F94D-0CAB-C85B-FA2C-9586BA0AAE60}" = CCC Help Spanish
"{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"{53B04D20-50D5-EA2F-BDFC-BCE332124FED}" = CCC Help Dutch
"{53BCB6DB-C944-CE07-BBA7-B8EC2DA228B0}" = CCC Help Swedish
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK Wireless Client Utility
"{7C428915-7C49-E005-8D9C-0AFC3B9E2A55}" = CCC Help English
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86227080-3ADB-5A9B-BB8A-8CE8CB6429F8}" = CCC Help Chinese Standard
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = Rollercoaster Tycoon 3 ZE
"{95E152CF-0EB5-4BFA-B6EE-8FC7F9601BA5}" = Nero 12
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A075239D-F706-B32D-A071-5804AE360AF0}" = CCC Help Finnish
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A7CDE866-4E90-D922-89C4-31B836BC6E67}" = CCC Help German
"{A83FC388-927A-68E4-72FC-FC54E404B27F}" = CCC Help Japanese
"{A860FE72-A9F6-AB3D-09AE-3AA954EA1725}" = CCC Help Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1045-7B44-A95000000001}" = Adobe Reader 9.5.0 - Polish
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B2F86EAE-18EE-6B39-20D8-C542D841F034}" = CCC Help Thai
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4BF2667-112C-45EF-B8CB-1168E4EB5BA8}_is1" = WRC3 wersja 1.0
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC5CE684-9D5B-707E-30BC-9275E2B49FA0}" = CCC Help Danish
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}" = Pro Evolution Soccer 2013
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5A8DF48-580B-44D3-B2B2-E965A9368F28}" = LEGO® Harry Potter™: Years 1-4
"{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}" = LEGO® Władca Pierścieni™
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC311C01-B1A9-8CAD-F018-9395269654EC}" = CCC Help Polish
"{DCFF61CC-B313-37DF-D567-26430CBC8720}" = CCC Help Portuguese
"{DE329278-4E61-8A9B-CADA-44AAC9E06C81}" = CCC Help Italian
"{DED30CC9-D549-403A-9C7E-3D4A12F06BF0}" = LEGO® Piraci z Karaibów Gra wideo
"{DFE4070B-1657-942F-72B1-0057A9A830EF}" = CCC Help Hungarian
"{E0303B6A-C675-4102-95DA-C013625BFA99}" = GTA San Andreas
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{ED20800E-1BFF-E5D6-86DF-2B8015E308E3}" = Catalyst Control Center
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FDF4B587-4070-4C2A-C3DC-A8F5DB3B6C5B}" = CCC Help Czech
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3
"Alan Wake_is1" = Alan Wake
"AVG Secure Search" = AVG Security Toolbar
"Bastion_is1" = Bastion
"CWK" = CWK (Czasowy Wyłącznik Komputera)
"DAEMON Tools Pro" = DAEMON Tools Pro
"Dll-Files Fixer_is1" = Dll-Files Fixer
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fraps" = Fraps (remove only)
"GFWL_{53450FA2-E900-456E-9715-501000008200}" = Virtua Tennis 4™
"Google Chrome" = Google Chrome
"Handball 12_is1" = 1.0
"HideIPEasy" = Hide IP Easy
"Homefront_is1" = Homefront
"Kamerzysta" = Kamerzysta (deinstalacja)
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.3
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Oozi Earth Adventurev1.0" = Oozi Earth Adventure
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Sniper Elite V2_is1" = Sniper Elite V2
"SopCast" = SopCast 3.5.0
"SP_f2a323db" =
"The Cave © SEGA_is1" = The Cave © SEGA version 1
"Uplay" = Uplay
"UserBar Generator_is1" = UserBar Generator 1.2
"uTorrent" = µTorrent
"Viking: Battle for Asgard_is1" = Viking: Battle for Asgard
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GG" = GG
"Winamp Detect" = Detektor Winampa

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-03-16 03:01:17 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-18 04:23:32 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-18 05:15:38 | Computer Name = Kamil-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Nero\Nero
12\nero recode\NeroBRServer.exe.Manifest". Nie można odnaleźć zestawu zależnego
ACME,processorArchitecture="x86",type="win32",version="12.0.0.0". Użyj narzędzia
sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2013-03-18 06:38:41 | Computer Name = Kamil-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: LEGOHarryPotter.exe, wersja: 1.0.0.0,
sygnatura czasowa: 0x4c051b18 Nazwa modułu powodującego błąd: LEGOHarryPotter.exe,
wersja: 1.0.0.0, sygnatura czasowa: 0x4c051b18 Kod wyjątku: 0x40000015 Przesunięcie
błędu: 0x002314d7 Identyfikator procesu powodującego błąd: 0xd30 Godzina uruchomienia
aplikacji powodującej błąd: 0x01ce23be6ed9be88 Ścieżka aplikacji powodującej błąd:
D:\Harry Potter 1-4\LEGOHarryPotter.exe Ścieżka modułu powodującego błąd: D:\Harry
Potter 1-4\LEGOHarryPotter.exe Identyfikator raportu: ffbab3c1-8fb7-11e2-9174-8c89a5817067

Error - 2013-03-18 16:38:34 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-19 03:55:47 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-19 07:59:08 | Computer Name = Kamil-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Nero\Nero
12\nero recode\NeroBRServer.exe.Manifest". Nie można odnaleźć zestawu zależnego
ACME,processorArchitecture="x86",type="win32",version="12.0.0.0". Użyj narzędzia
sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2013-03-19 16:13:38 | Computer Name = Kamil-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: LEGOHarryPotter.exe, wersja: 1.0.0.0,
sygnatura czasowa: 0x4c051b18 Nazwa modułu powodującego błąd: LEGOHarryPotter.exe,
wersja: 1.0.0.0, sygnatura czasowa: 0x4c051b18 Kod wyjątku: 0xc0000005 Przesunięcie
błędu: 0x0056b359 Identyfikator procesu powodującego błąd: 0x1168 Godzina uruchomienia
aplikacji powodującej błąd: 0x01ce24dab8e007c8 Ścieżka aplikacji powodującej błąd:
D:\Harry Potter 1-4\LEGOHarryPotter.exe Ścieżka modułu powodującego błąd: D:\Harry
Potter 1-4\LEGOHarryPotter.exe Identyfikator raportu: 7b940116-90d1-11e2-be80-8c89a5817067

Error - 2013-03-20 04:59:22 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-21 03:27:49 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-21 08:37:32 | Computer Name = Kamil-Komputer | Source = SideBySide | ID = 16842785
Description = Nie można wygenerować kontekstu aktywacji dla "c:\program files (x86)\Nero\Nero
12\nero recode\NeroBRServer.exe.Manifest". Nie można odnaleźć zestawu zależnego
ACME,processorArchitecture="x86",type="win32",version="12.0.0.0". Użyj narzędzia
sxstrace.exe, aby uzyskać szczegółową diagnozę.

Error - 2013-03-21 10:15:15 | Computer Name = Kamil-Komputer | Source = Application Error | ID = 1000
Description = Nazwa aplikacji powodującej błąd: WRC3.exe, wersja: 1.0.0.0, sygnatura
czasowa: 0x00000000 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura
czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x30900050 Identyfikator
procesu powodującego błąd: 0xf50 Godzina uruchomienia aplikacji powodującej błąd:
0x01ce263d59d97ea8 Ścieżka aplikacji powodującej błąd: D:\WRC3\WRC3.exe Ścieżka modułu
powodującego błąd: unknown Identyfikator raportu: c01338ac-9231-11e2-90ea-8c89a5817067

Error - 2013-03-21 14:14:43 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-22 03:32:19 | Computer Name = Kamil-Komputer | Source = WinMgmt | ID = 10
Description =

Error - 2013-03-22 09:22:49 | Computer Name = Kamil-Komputer | Source = Application Hang | ID = 1002
Description = Program Metallica_-_The_Greatest_Hits_(2011).rar.exe w wersji 2013.3.17.1307
zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest
dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu
w panelu sterowania Centrum akcji. Identyfikator procesu: 558 Godzina rozpoczęcia:
01ce27002b9b2ec2 Godzina zakończenia: 15 Ścieżka aplikacji: C:\Users\Kamil\Desktop\Metallica_-_The_Greatest_Hits_(2011).rar.exe

Identyfikator
raportu:

[ System Events ]
Error - 2013-03-21 03:26:05 | Computer Name = Kamil-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka
modułu: C:\Windows\system32\athExt.dll Kod błędu: 126

Error - 2013-03-21 03:28:19 | Computer Name = Kamil-Komputer | Source = Service Control Manager | ID = 7038
Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser
za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby
upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w
programie Microsoft Management Console (MMC).

Error - 2013-03-21 03:28:19 | Computer Name = Kamil-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego
błędu: %%1069

Error - 2013-03-21 14:13:06 | Computer Name = Kamil-Komputer | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 19:11:57 na ?2013-?03-?21 było
nieoczekiwane.

Error - 2013-03-21 14:13:07 | Computer Name = Kamil-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka
modułu: C:\Windows\system32\athExt.dll Kod błędu: 126

Error - 2013-03-21 14:15:26 | Computer Name = Kamil-Komputer | Source = Service Control Manager | ID = 7038
Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser
za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby
upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w
programie Microsoft Management Console (MMC).

Error - 2013-03-21 14:15:26 | Computer Name = Kamil-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego
błędu: %%1069

Error - 2013-03-22 03:30:38 | Computer Name = Kamil-Komputer | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka
modułu: C:\Windows\system32\athExt.dll Kod błędu: 126

Error - 2013-03-22 03:32:51 | Computer Name = Kamil-Komputer | Source = Service Control Manager | ID = 7038
Description = Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser
za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby
upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w
programie Microsoft Management Console (MMC).

Error - 2013-03-22 03:32:51 | Computer Name = Kamil-Komputer | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego
błędu: %%1069


< End of report >
Odpowiedz cytując ten post
22-03-2013, 15:15
Post #5
kermel
Administratorzy

Dołączył:17-07-2012
Skąd:Rybnik
Posty:3 167
Ja o sposobie umieszczania logów jedno, Ty drugie. Przecież nawet nie zajrzałeś do tego regulaminu.

1. We własnych opcjach skanowania/skrypt OTL'a wklej:

:Services
Bonjour Service

:OTL
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\progra~2\browse~1\sprote~1.dll ()
O4 - HKLM..\Run: [Onet.pl AutoUpdate] "C:\Program Files (x86)\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-19 11:18:23 | 000,000,000 | ---D | M]

:Files
netsh winsock reset /C

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"
"Default_Page_URL"=-
[HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"
"Default_Page_URL"=-
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{43E7DC72-8A82-4ECB-810E-4D95E0F91432}]
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]

Kliknij Wykonaj skrypt, pokaż raport.
Nota dla innych czytających - skrypt jest unikalny, proszę nie stosować na swoich systemach. Każdy przypadek jest inny i rozpatrywany indywidualnie.

2. Odinstaluj AVG Security Toolbar i BrowseToSave.

3. Skanuj AdwCleaner i pokaż raport.

Wstawiam, bo niektórzy zbyt często wagarowali/wagarują na j.polskim, a i książek na oczy chyba nie widzieli. 1 / 2
Odwiedź stronę użytkownika
Odpowiedz cytując ten post
22-03-2013, 15:39
Post #6
CoolTT
Zarejestrowani

Dołączył:22-03-2013
Posty:7
(22-03-2013 15:15)kermel napisał:  Ja o sposobie umieszczania logów jedno, Ty drugie. Przecież nawet nie zajrzałeś do tego regulaminu.

1. We własnych opcjach skanowania/skrypt OTL'a wklej:

:Services
Bonjour Service

:OTL
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\progra~2\browse~1\sprote~1.dll ()
O4 - HKLM..\Run: [Onet.pl AutoUpdate] "C:\Program Files (x86)\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-19 11:18:23 | 000,000,000 | ---D | M]

:Files
netsh winsock reset /C

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"
"Default_Page_URL"=-
[HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\Main]
"Start Page"="about:blank"
"Default_Page_URL"=-
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"=-
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{43E7DC72-8A82-4ECB-810E-4D95E0F91432}]
[-HKEY_USERS\S-1-5-21-3783779841-4013014695-2269042626-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]

Kliknij Wykonaj skrypt, pokaż raport.
Nota dla innych czytających - skrypt jest unikalny, proszę nie stosować na swoich systemach. Każdy przypadek jest inny i rozpatrywany indywidualnie.

2. Odinstaluj AVG Security Toolbar i BrowseToSave.

3. Skanuj AdwCleaner i pokaż raport.

1.Raport:
http://wklej.systemclinic.pl/2753/
2.Odinstalowane
3.http://wklej.systemclinic.pl/2754/
Odpowiedz cytując ten post
22-03-2013, 15:45
Post #7
kermel
Administratorzy

Dołączył:17-07-2012
Skąd:Rybnik
Posty:3 167
Nie cytuj proszę całych postów, to jest mega nieczytelne.

Montuj poprawkę do OTL'a:

:files
C:\ProgramData\InstallMate
C:\Users\Kamil\AppData\Local\APN
C:\Users\Kamil\AppData\Local\Temp\Uninstall.exe

:reg
[-HKEY_CURRENT_USER\Software\AppDataLow\SProtector]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-HKEY_CURRENT_USER\Software\StartSearch]
[-HKEY_CURRENT_USER\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}]
[-HKEY_LOCAL_MACHINE\Software\SP Global]
[-HKEY_LOCAL_MACHINE\Software\SProtector]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]

Raportu nie pokazuj. Usuń OTL'a oraz katalog C:\_OTL

Dostarcz spakowany plik C:\Users\Kamil\AppData\Local\Google\Chrome\User Data\Default\Preferences
Ten post był ostatnio modyfikowany: 22-03-2013 o 15:45 przez kermel.

Wstawiam, bo niektórzy zbyt często wagarowali/wagarują na j.polskim, a i książek na oczy chyba nie widzieli. 1 / 2
Odwiedź stronę użytkownika
Odpowiedz cytując ten post
22-03-2013, 16:19
Post #8
CoolTT
Zarejestrowani

Dołączył:22-03-2013
Posty:7
nie wiedziałem jak dostarczyc wiec na egofiles

http://egofiles.com/61z8c8Y23EP57bnI/Preferences.rar
Odpowiedz cytując ten post
22-03-2013, 16:20
Post #9
kermel
Administratorzy

Dołączył:17-07-2012
Skąd:Rybnik
Posty:3 167
Nie żartuj sobie. Masz opcję dodawania załączników.

Wstawiam, bo niektórzy zbyt często wagarowali/wagarują na j.polskim, a i książek na oczy chyba nie widzieli. 1 / 2
Odwiedź stronę użytkownika
Odpowiedz cytując ten post
22-03-2013, 16:25
Post #10
CoolTT
Zarejestrowani

Dołączył:22-03-2013
Posty:7
nie zauwazyłem,sorry


Popraw następujące błędy:
Typ pliku, który załączono, nie jest obsługiwany. Usuń załącznik i spróbuj ponownie.


spakowany winrarem bez kompresji
Odpowiedz cytując ten post
22-03-2013, 16:28
Post #11
kermel
Administratorzy

Dołączył:17-07-2012
Skąd:Rybnik
Posty:3 167
Popatrz na swoje posty. Jak to wygląda? Wiesz, że styl pisowni wiele mówi o osobie piszącej? Nie pozwolę zrobić śmietnika z tego forum, więc zepnij poślady i zadbaj o poziom wypowiedzi. Plik zaś spakuj do *.zip

Wstawiam, bo niektórzy zbyt często wagarowali/wagarują na j.polskim, a i książek na oczy chyba nie widzieli. 1 / 2
Odwiedź stronę użytkownika
Odpowiedz cytując ten post
22-03-2013, 16:33
Post #12
CoolTT
Zarejestrowani

Dołączył:22-03-2013
Posty:7
rozumiem

Oto plik:
Załączniki .zip  Preferences.zip (Rozmiar: 20,04 KB / Pobrań: 1)
Odpowiedz cytując ten post
22-03-2013, 16:41
Post #13
kermel
Administratorzy

Dołączył:17-07-2012
Skąd:Rybnik
Posty:3 167
Usuń skrót z Chrome i utwórz go ponownie. Przy wyłączonym Chromie (upewnij się, że nie wisi w procesach) podmień swój plik na ten rozpakowany z załącznika. Sprawdź rezultaty.
Załączniki .zip  Preferences.zip (Rozmiar: 19,84 KB / Pobrań: 2)

Wstawiam, bo niektórzy zbyt często wagarowali/wagarują na j.polskim, a i książek na oczy chyba nie widzieli. 1 / 2
Odwiedź stronę użytkownika
Odpowiedz cytując ten post
22-03-2013, 17:02
Post #14
CoolTT
Zarejestrowani

Dołączył:22-03-2013
Posty:7
Problem rozwiązany,dziękuję mistrzu
Odpowiedz cytując ten post
Odpowiedz




Przeglądający ten wątek: 1 gości